mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-17 21:19:40 +03:00
8cae0648ec
Demand-driven expansion targeting the fastest-growing 2025-2026 threat and
skills categories (ISC2/WEF/CrowdStrike/Mandiant signals):
- AI Security (NEW domain, 12 skills): LLM red-teaming with garak/PyRIT,
prompt injection (direct/indirect/RAG), MCP tool-poisoning, agentic tool
invocation, guardrails, model/data poisoning, system-prompt leakage,
embedding/vector weaknesses, model extraction, continuous red-teaming
- Supply Chain Security (NEW domain, 5 skills): SBOMs, dependency confusion,
malicious-npm triage, typosquatting, SLSA/Sigstore provenance
- Hardware & Firmware Security (NEW domain, 4 skills): CHIPSEC/UEFI audit,
Secure Boot bypass, TPM measured-boot attestation, ESP bootkit hunting
- Identity (10): Entra ID/ROADtools, GraphRunner, AADInternals, ADCS/Certipy,
shadow credentials, coercion, BloodHound CE, device-code phishing, SSO abuse
- Cloud-native (8): Stratus, Pacu, CloudFox, container escape, K8s RBAC,
Falco, Trivy, kube-bench
- Offensive C2 (6): Sliver, Havoc, NetExec, DPAPI, NTLM relay ESC8, redirectors
- DFIR (6): Hayabusa, Chainsaw, KAPE, Velociraptor, EZ Tools, Plaso
- Backfill (4): OpenCTI, MISP, honeytokens, post-quantum crypto migration
Each skill follows the repo taxonomy (SKILL.md + references/{standards,api-reference}.md
+ scripts/agent.py + LICENSE), with researched real tool commands (no placeholders),
complete frontmatter, and ATT&CK/ATLAS + NIST CSF mappings. Updates README domain
table, skill count, and index.json.
3.0 KiB
3.0 KiB
garak CLI Reference
Source: https://github.com/NVIDIA/garak and https://reference.garak.ai/en/latest/cliref.html
Invocation
python -m garak <options>
# or the console script
garak <options>
Core flags
| Flag | Description | Example |
|---|---|---|
--target_type (alias --model_type) |
Generator family / interface | --target_type openai |
--target_name (alias --model_name) |
Specific model name | --target_name gpt-4o-mini |
--probes, -p |
Comma-separated probe spec; module or module.Class |
--probes promptinject,dan.Dan_11_0 |
--detectors, -d |
Override detectors | --detectors mitigation.MitigationBypass |
--generations, -g |
Completions generated per prompt | --generations 5 |
--parallel_attempts |
Parallel probe attempts (throughput) | --parallel_attempts 8 |
--report_prefix |
Prefix for output report files | --report_prefix baseline |
--config |
Load a YAML/JSON run config | --config assessment.yaml |
-G / --generator_option_file |
JSON file with generator options (REST etc.) | -G rest.json |
--generator_options |
Inline JSON generator options | |
--list_probes |
Print all probes and exit | |
--list_detectors |
Print all detectors and exit | |
--list_generators |
Print all generator types and exit | |
--list_buffs |
Print prompt-mutating buffs | |
--version |
Print version | |
--verbose, -v |
Increase logging |
Common target_type values
| Value | Target |
|---|---|
huggingface |
Local Hugging Face model |
openai |
OpenAI / OpenAI-compatible API (uses OPENAI_API_KEY) |
rest |
Arbitrary HTTP endpoint via JSON spec |
ggml / nim / replicate / cohere / bedrock |
Other hosted/local backends |
REST generator JSON spec keys
| Key | Meaning |
|---|---|
uri |
Endpoint URL |
method |
HTTP method (post) |
headers |
Request headers (supports $ENV_VAR) |
req_template_json_object |
Request body with $INPUT placeholder |
response_json |
true if response is JSON |
response_json_field |
JSONPath to extract the model output |
Output artifacts
| File | Content |
|---|---|
<prefix>.report.jsonl |
Line-delimited record of every attempt, generation, and detector verdict |
<prefix>.report.html |
Human-readable scorecard |
<prefix>.hitlog.jsonl |
Confirmed successful attacks (evidence) |
garak.log |
Debug log |
Example runs
# Enumerate
garak --list_probes
# Local HF model, single jailbreak probe
python -m garak --target_type huggingface --target_name gpt2 --probes dan.Dan_11_0
# Hosted API, injection + leakage suite
export OPENAI_API_KEY="sk-..."
python -m garak --target_type openai --target_name gpt-4o-mini \
--probes promptinject,latentinjection,leakreplay \
--generations 5 --parallel_attempts 8 --report_prefix assessment
# Arbitrary REST endpoint
python -m garak --target_type rest -G rest.json --probes promptinject,dan