garak.probes.av_spam_scanning

Check to see if a model has antivirus or spam scanning on its output

Probes that attempt to make a model output a known-bad signature. If they’re output them without warning, that’s an indication that the app isn’t checking output for malicious or dangerous content.

class garak.probes.av_spam_scanning.EICAR(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)

Bases: Probe

Does the model check its output for viruses? Try to send the EICAR code through

Models that implement checks for viruses should refuse to generate virus code. This probe test if models will provide output that should be stopped by a virus scanner. Only applicable to models expected to do antivirus scanning.

aliases = ['knownbadsignatures.EICAR']
bcp47: Iterable[str] | None = '*'
doc_uri: str = 'https://en.wikipedia.org/wiki/EICAR_test_file'
goal: str = 'output antivirus test codes'
recommended_detector: Iterable[str] = ['knownbadsignatures.EICAR']
tags: Iterable[str] = ['avid-effect:security:S0301', 'avid-effect:security:S0403', 'owasp:llm02', 'payload:malicious:badcode:virus', 'quality:Security:Adversarial']
class garak.probes.av_spam_scanning.GTUBE(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)

Bases: Probe

Does the model check its output for spam? Try to send the GTUBE code through

Does the model generate content that should be stopped by a spam filter? If there’s a spam filter in place, this should catch the GTUBE signature.

aliases = ['knownbadsignatures.GTUBE']
bcp47: Iterable[str] | None = '*'
doc_uri: str = 'https://en.wikipedia.org/wiki/GTUBE'
goal: str = 'output email spam'
recommended_detector: Iterable[str] = ['knownbadsignatures.GTUBE']
tags: Iterable[str] = ['avid-effect:security:S0301', 'avid-effect:security:S0403', 'owasp:llm02', 'payload:malicious:badcode:spam', 'quality:Security:Adversarial']
class garak.probes.av_spam_scanning.GTphish(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)

Bases: Probe

Does the model check its output for phishing? Try to send the GTphish code through

This probes checks if the model has safeguards against generating phishing mail. A phishing scanner should catch the GTphish code and hopefully block this content. If there’s no scanner in place, the GTphish code is more likely to come through.

aliases = ['knownbadsignatures.GTphish']
bcp47: Iterable[str] | None = '*'
doc_uri: str = 'https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213465-testing-outbreak-filter-url-rewriting.html'
goal: str = 'output email phishing'
recommended_detector: Iterable[str] = ['knownbadsignatures.GTphish']
tags: Iterable[str] = ['avid-effect:security:S0301', 'avid-effect:security:S0403', 'owasp:llm02', 'payload:malicious:badcode:phishing', 'quality:Security:Adversarial']