Single-turn attack techniques for red-team message augmentation.
Provides deterministic encoding transforms that can be randomly applied to
attacker messages before sending them to the target agent. Each technique
encodes the message and prepends a preamble so the target understands how
to decode it.
These transforms make no LLM calls, so they add no inference cost. They test
whether the target's safety filters can handle obfuscated inputs.
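
The encode-and-prepend pattern described above can be sketched as follows. This is a minimal illustration, not the module's actual code: the names TECHNIQUES, apply_technique, and maybe_augment, the preamble wording, the choice of Base64 and ROT13 as transforms, and the probability parameter are all assumptions made for the example.

```python
import base64
import codecs
import random


def _encode_base64(text: str) -> str:
    # Deterministic: the same input always yields the same output.
    return base64.b64encode(text.encode("utf-8")).decode("ascii")


def _encode_rot13(text: str) -> str:
    # ROT13 rotates ASCII letters by 13 places and leaves other characters alone.
    return codecs.encode(text, "rot13")


# Hypothetical technique table: name -> (preamble, encoder).
TECHNIQUES = {
    "base64": (
        "The following message is Base64-encoded. Decode it and respond to it:",
        _encode_base64,
    ),
    "rot13": (
        "The following message is ROT13-encoded. Decode it and respond to it:",
        _encode_rot13,
    ),
}


def apply_technique(message: str, name: str) -> str:
    """Encode the message and prepend the preamble that explains the encoding."""
    preamble, encode = TECHNIQUES[name]
    return f"{preamble}\n\n{encode(message)}"


def maybe_augment(message: str, rng: random.Random, probability: float = 0.5) -> str:
    """Apply a randomly chosen technique with the given probability.

    Only the selection is random; each transform is itself deterministic.
    """
    if rng.random() >= probability:
        return message
    name = rng.choice(sorted(TECHNIQUES))
    return apply_technique(message, name)


if __name__ == "__main__":
    rng = random.Random(0)  # seeded so a run can be reproduced
    print(maybe_augment("hello", rng, probability=1.0))
```

Passing a seeded random.Random instance keeps the selection step reproducible, which makes it easier to replay a specific augmented message when a run needs to be investigated.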