adversaria 0.1.0

Adversarial Testing Harness for Large Language Models
# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 0.1.x   | :white_check_mark: |

## Reporting a Vulnerability

If you discover a security vulnerability in Adversaria, please report it responsibly:

1. **Do NOT** open a public issue
2. Email security@adversaria.dev with:
   - Description of the vulnerability
   - Steps to reproduce
   - Potential impact
   - Suggested fix (if any)

We will respond within 48 hours and work with you to address the issue.

## Security Considerations

### API Keys

**Risk**: An exposed API key lets anyone use your provider account and run up charges on it.

**Mitigation**:
- Never commit API keys to version control
- Use environment variables: `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`
- Rotate keys regularly
- Use separate keys for testing
- Monitor API usage

**Example**:
```bash
# Good
export OPENAI_API_KEY="sk-..."

# Bad - Never do this
api_key: sk-... # in config file
```

### Rate Limiting

**Risk**: Excessive API calls can result in rate limiting or high costs.

**Mitigation**:
- Configure appropriate timeouts
- Implement backoff strategies
- Monitor API usage
- Set budget alerts

**Configuration**:
```yaml
providers:
  openai:
    timeout_seconds: 30
    max_retries: 3
```
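One way to honour `timeout_seconds` and `max_retries` from the configuration above with a backoff strategy, as an added example (not Adversaria's own retry code): exponential backoff with full jitter, each delay capped at the timeout, and a hard stop after `max_retries`. `PROVIDER_CONFIG`, `RateLimited` and `flaky_provider` are constructed stand-ins for the provider client.

```python
import random
from typing import Callable, Dict, List

# Constructed sample matching the providers block above.
PROVIDER_CONFIG = {"openai": {"timeout_seconds": 30, "max_retries": 3}}

class RateLimited(Exception):
    """Raised by a provider call when the API answers with a rate-limit (HTTP 429) error."""

def backoff_schedule(max_retries: int, base: float = 1.0, cap: float = 30.0,
                     rng: random.Random = None) -> List[float]:
    """Exponential backoff with full jitter: one delay per retry, none above cap."""
    rng = rng or random.Random()
    return [rng.uniform(0, min(cap, base * 2 ** i)) for i in range(max_retries)]

def call_with_backoff(call: Callable[[], str], cfg: Dict[str, int],
                      sleep: Callable[[float], None], rng=None) -> dict:
    """Run `call`, retrying on RateLimited at most cfg['max_retries'] times.

    Delays are capped at timeout_seconds so a throttled provider cannot stall a run
    indefinitely. `sleep` is injected so the schedule can be inspected without waiting.
    Never raises: the returned dict records whether the call gave up.
    """
    delays = backoff_schedule(cfg["max_retries"], cap=cfg["timeout_seconds"], rng=rng)
    used: List[float] = []
    for attempt in range(cfg["max_retries"] + 1):
        try:
            return {"ok": True, "result": call(), "attempts": attempt + 1, "delays": used}
        except RateLimited:
            if attempt == cfg["max_retries"]:
                return {"ok": False, "result": None, "attempts": attempt + 1, "delays": used}
            sleep(delays[attempt])
            used.append(delays[attempt])

def flaky_provider(failures: int) -> Callable[[], str]:
    """Constructed stand-in for a provider client: rate-limited `failures` times, then OK."""
    state = {"left": failures}
    def call() -> str:
        if state["left"] > 0:
            state["left"] -= 1
            raise RateLimited()
        return "200 OK"
    return call

def demo(failures: int, seed: int = 7) -> dict:
    """Drive the retry loop against the constructed provider with a fixed seed, no sleeping."""
    return call_with_backoff(flaky_provider(failures), PROVIDER_CONFIG["openai"],
                             sleep=lambda s: None, rng=random.Random(seed))
```

With `max_retries: 3` a provider that throttles twice succeeds on the third attempt, while one that keeps throttling is abandoned after four attempts instead of looping forever.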

### Data Privacy

**Risk**: Sensitive data in prompts or responses could be logged or stored.

**Mitigation**:
- Review attack payloads before use
- Sanitize reports before sharing
- Don't include PII in custom payloads
- Secure report storage

### Model Safety

**Risk**: Some attacks may trigger safety mechanisms or violate terms of service.

**Mitigation**:
- Use separate test accounts
- Review provider terms of service
- Test in controlled environments
- Document all testing activities

### Local Execution

**Risk**: Running untrusted code or third-party plugins inside the harness.

**Mitigation**:
- Review plugin code before loading
- Use sandboxed environments
- Limit plugin permissions
- Audit plugin sources

## Best Practices

### 1. Secure Configuration

```yaml
# adversaria.config.yaml
version: "1.0"
default_provider: openai

providers:
  openai:
    api_key: null  # Use environment variable
    model: gpt-4
```

### 2. Environment Variables

```bash
# .env (add to .gitignore)
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...
```
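The config loader below is an added example (not Adversaria's own code) of enforcing the `api_key: null` convention from Secure Configuration together with the API Keys section: an inline key in the config file is rejected, the key is taken from `OPENAI_API_KEY` / `ANTHROPIC_API_KEY`, and only a redacted form is meant to reach logs. It assumes the YAML has already been parsed into a dict (as `yaml.safe_load` would return); `SAMPLE_CONFIG` and the key values are constructed.

```python
import os
from typing import Any, List, Mapping

# Environment variables named in the API Keys section, one per provider.
ENV_KEY_NAMES = {"openai": "OPENAI_API_KEY", "anthropic": "ANTHROPIC_API_KEY"}

# Constructed sample: what yaml.safe_load() returns for the adversaria.config.yaml above.
SAMPLE_CONFIG = {
    "version": "1.0",
    "default_provider": "openai",
    "providers": {"openai": {"api_key": None, "model": "gpt-4"}},
}

class ConfigError(ValueError):
    """The configuration refuses to load rather than running with a bad key setup."""

def env_var_for(provider: str) -> str:
    """Map a provider name to its environment variable (fallback: <NAME>_API_KEY)."""
    return ENV_KEY_NAMES.get(provider, f"{provider.upper()}_API_KEY")

def audit_config(config: Mapping[str, Any], env: Mapping[str, str] = os.environ) -> List[str]:
    """Return every key-handling problem found; an empty list means the config is clean.

    A non-null api_key in the file is an error, not a convenience: a key that was
    committed by mistake should fail loudly instead of silently working.
    """
    problems = []
    for name, cfg in config.get("providers", {}).items():
        var = env_var_for(name)
        if cfg.get("api_key") is not None:
            problems.append(f"providers.{name}.api_key is set in the config file; "
                            f"set it to null and export {var} instead")
        elif not env.get(var, "").strip():
            problems.append(f"{var} is not set; no key available for provider {name!r}")
    return problems

def load_providers(config: Mapping[str, Any], env: Mapping[str, str] = os.environ) -> dict:
    """Resolve each provider to {'model': ..., 'api_key': ...} or raise ConfigError."""
    problems = audit_config(config, env)
    if problems:
        raise ConfigError("; ".join(problems))
    return {name: {"model": cfg.get("model"), "api_key": env[env_var_for(name)].strip()}
            for name, cfg in config["providers"].items()}

def redact(key: str) -> str:
    """Mask a key for logs and reports, keeping only a short prefix such as 'sk-'."""
    return (key[:3] + "***") if len(key) > 8 else "***"
```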

### 3. Separate Test Accounts

- Use dedicated API keys for testing
- Separate from production keys
- Lower rate limits on test keys as a safety margin

### 4. Monitor Usage

- Track API calls
- Set budget alerts
- Review costs regularly
- Monitor for anomalies

### 5. Secure Reports

```bash
# Set appropriate permissions
chmod 600 reports/*.json

# Encrypt sensitive reports
gpg -e report.json
```

### 6. Audit Logs

Enable logging for security audits:

```bash
RUST_LOG=adversaria=info adversaria run
```

### 7. Network Security

- Use HTTPS for all API calls
- Verify TLS (SSL) certificates rather than disabling the check
- Use a VPN for sensitive testing
- Restrict outbound connections with firewall rules

## Threat Model

### Threats

1. **API Key Theft**
   - Impact: Unauthorized access, costs
   - Likelihood: Medium
   - Mitigation: Environment variables, rotation

2. **Data Leakage**
   - Impact: Privacy breach
   - Likelihood: Low
   - Mitigation: Sanitization, encryption

3. **Rate Limit Abuse**
   - Impact: High costs, service disruption
   - Likelihood: Low
   - Mitigation: Timeouts, monitoring

4. **Malicious Plugins**
   - Impact: Code execution, data theft
   - Likelihood: Low
   - Mitigation: Code review, sandboxing

5. **Report Tampering**
   - Impact: False security assessment
   - Likelihood: Low
   - Mitigation: Signatures, checksums
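The mitigation for report tampering (signatures, checksums) together with the `chmod 600` step from Secure Reports above, worked as an added example that is not Adversaria's own code: the report is written with mode 0600 alongside an HMAC-SHA256 tag over its canonical JSON, and the tag is re-checked before the stored report is trusted. The report fields and the key are constructed; in practice the key comes from the environment or a secret store, never from the report file.

```python
import hashlib
import hmac
import json
import os
import tempfile

# Constructed sample report; field names are illustrative, not the project's schema.
SAMPLE_REPORT = {"target": "gpt-4", "run_id": "run-0001",
                 "findings": [{"attack": "prompt-injection-basic", "result": "blocked"}]}

def canonical_bytes(report: dict) -> bytes:
    """Serialize deterministically so equal content always yields equal bytes."""
    return json.dumps(report, sort_keys=True, separators=(",", ":")).encode()

def sign_report(report: dict, key: bytes) -> str:
    """HMAC-SHA256 tag over the canonical report, keyed with the operator's secret."""
    return hmac.new(key, canonical_bytes(report), hashlib.sha256).hexdigest()

def verify_report(report: dict, signature: str, key: bytes) -> bool:
    """Constant-time comparison so a forged tag cannot be matched byte by byte."""
    return hmac.compare_digest(sign_report(report, key), signature)

def save_signed(report: dict, key: bytes, path: str) -> str:
    """Write report plus tag to a file created with mode 0600 (the chmod 600 step above)."""
    payload = {"report": report, "sha256_hmac": sign_report(report, key)}
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump(payload, f, indent=2)
    return path

def load_and_verify(path: str, key: bytes) -> bool:
    """Reject a stored report whose tag no longer matches its contents."""
    with open(path) as f:
        payload = json.load(f)
    return verify_report(payload["report"], payload["sha256_hmac"], key)

def demo() -> dict:
    """Sign, store and verify, then show that an edited finding fails verification."""
    key = b"constructed-demo-key"  # in practice: from the environment or a secret store
    with tempfile.TemporaryDirectory() as d:
        path = save_signed(SAMPLE_REPORT, key, os.path.join(d, "report.json"))
        intact = load_and_verify(path, key)
        mode = oct(os.stat(path).st_mode & 0o777)
        with open(path) as f:
            payload = json.load(f)
        payload["report"]["findings"][0]["result"] = "succeeded"  # simulate tampering
        with open(path, "w") as f:
            json.dump(payload, f)
        tampered = load_and_verify(path, key)
    return {"intact": intact, "tampered": tampered, "mode": mode}
```

Flipping a single finding from "blocked" to "succeeded" invalidates the tag, which is exactly the false-assessment case the threat model lists; a plain checksum would catch accidental corruption but not an attacker who can also rewrite the checksum, which is why the tag is keyed.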

## Security Checklist

Before running Adversaria:

- [ ] API keys stored in environment variables
- [ ] Using separate test account
- [ ] Rate limits configured
- [ ] Monitoring enabled
- [ ] Reports directory secured
- [ ] Network connection secure
- [ ] Reviewed attack payloads
- [ ] Documented testing activities

## Incident Response

If a security incident occurs:

1. **Contain**: Stop all testing immediately
2. **Assess**: Determine scope and impact
3. **Notify**: Contact affected parties
4. **Remediate**: Fix the vulnerability
5. **Document**: Record incident details
6. **Review**: Update security measures

## Compliance

### Terms of Service

Ensure compliance with provider terms:
- OpenAI: https://openai.com/policies/terms-of-use
- Anthropic: https://www.anthropic.com/legal/consumer-terms
- Ollama: Local use, no restrictions

### Ethical Use

Adversaria is for:
- Security research
- Model evaluation
- Defensive testing
- Educational purposes

NOT for:
- Malicious attacks
- Unauthorized testing
- Terms of service violations
- Illegal activities

## Updates

Security updates will be:
- Announced in CHANGELOG.md
- Tagged with version numbers
- Documented in release notes
- Communicated via GitHub

## Contact

For security concerns:
- Email: security@adversaria.dev
- GitHub: https://github.com/adversaria/adversaria/security

## Acknowledgments

We thank security researchers who responsibly disclose vulnerabilities.

## License

This security policy is part of the Adversaria project and is licensed under MIT.