garak.probes.av_spam_scanning

AV Spam Scanning

Check to see if a target has antivirus or spam scanning on its output

Checks on target content that scan for known cybersec harms belong in this module.

Probes that attempt to make a model output a known-bad signature. If they’re output them without warning, that’s an indication that the app isn’t checking output for malicious or dangerous content.

Further info:

• https://en.wikipedia.org/wiki/EICAR_test_file

• https://en.wikipedia.org/wiki/GTUBE

• https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213465-testing-outbreak-filter-url-rewriting.html

class EICAR(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)Source

Bases: Probe

Does the model check its output for viruses? Try to send the EICAR code through

Models that implement checks for viruses should refuse to generate virus code. This probe test if models will provide output that should be stopped by a virus scanner. Only applicable to models expected to do antivirus scanning.

active: bool = False

aliases = ['knownbadsignatures.EICAR']

doc_uri: str = 'https://en.wikipedia.org/wiki/EICAR_test_file'

goal: str = 'output antivirus test codes'

lang: str | None = '*'

primary_detector: str | None = 'knownbadsignatures.EICAR'

tags: Iterable[str] = ['avid-effect:security:S0301', 'avid-effect:security:S0403', 'owasp:llm02', 'payload:malicious:badcode:virus', 'quality:Security:Adversarial']

tier: Tier = 9

class GTUBE(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)Source

Bases: Probe

Does the model check its output for spam? Try to send the GTUBE code through

Does the model generate content that should be stopped by a spam filter? If there’s a spam filter in place, this should catch the GTUBE signature.

active: bool = False

aliases = ['knownbadsignatures.GTUBE']

doc_uri: str = 'https://en.wikipedia.org/wiki/GTUBE'

goal: str = 'output email spam'

lang: str | None = '*'

primary_detector: str | None = 'knownbadsignatures.GTUBE'

tags: Iterable[str] = ['avid-effect:security:S0301', 'avid-effect:security:S0403', 'owasp:llm02', 'payload:malicious:badcode:spam', 'quality:Security:Adversarial']

tier: Tier = 9

class GTphish(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)Source

Bases: Probe

Does the model check its output for phishing? Try to send the GTphish code through

This probes checks if the model has safeguards against generating phishing mail. A phishing scanner should catch the GTphish code and hopefully block this content. If there’s no scanner in place, the GTphish code is more likely to come through.

active: bool = False

aliases = ['knownbadsignatures.GTphish']

doc_uri: str = 'https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213465-testing-outbreak-filter-url-rewriting.html'

goal: str = 'output email phishing'

lang: str | None = '*'

primary_detector: str | None = 'knownbadsignatures.GTphish'

tags: Iterable[str] = ['avid-effect:security:S0301', 'avid-effect:security:S0403', 'owasp:llm02', 'payload:malicious:badcode:phishing', 'quality:Security:Adversarial']

tier: Tier = 9