Expand description
§laminae-shadow — Adversarial Red-Teaming Engine
The Shadow is an automated security auditor that red-teams AI output. It runs as an async post-processing pipeline — never blocking the user’s conversation — and produces structured vulnerability reports.
§Pipeline Stages
- Static analysis — regex pattern scanning (always runs)
- LLM adversarial review — local Ollama model with attacker-mindset prompt
- Sandbox execution — ephemeral container testing (optional)
Each stage implements the Analyzer trait and can be extended or replaced.
§Quick Start
use laminae_shadow::{ShadowEngine, ShadowEvent, create_report_store};
#[tokio::main]
async fn main() {
let store = create_report_store();
let engine = ShadowEngine::new(store.clone());
let mut rx = engine.analyze_async(
"session-1".into(),
"Here's some code:\n```python\neval(user_input)\n```".into(),
);
while let Some(event) = rx.recv().await {
match event {
ShadowEvent::Finding { finding, .. } => {
println!("[{}] {}: {}", finding.severity, finding.category, finding.title);
}
ShadowEvent::Done { report, .. } => {
println!("Analysis complete: {}", report.summary);
}
_ => {}
}
}
}Re-exports§
pub use analyzer::ShadowError;pub use config::ShadowConfig;
Modules§
- analyzer
- config
- extractor
- llm_
reviewer - prompts
- report
- sandbox
- scanner
- Embedded pattern scanner – line-based vulnerability detection rules.
Structs§
- Shadow
Engine - The Shadow — adversarial red-teaming engine.
Enums§
- Shadow
Event - Events emitted by the Shadow for telemetry/UI.
Functions§
- create_
report_ store - Create a new bounded report store.
Type Aliases§
- Report
Store - Thread-safe report history with bounded capacity.