Files
Anthropic-Cybersecurity-Skills/skills/red-teaming-llms-with-garak/references/api-reference.md
T
mukul975 8cae0648ec Add 55 new skills across 3 new domains + 6 undercovered areas (762 -> 817)
Demand-driven expansion targeting the fastest-growing 2025-2026 threat and
skills categories (ISC2/WEF/CrowdStrike/Mandiant signals):

- AI Security (NEW domain, 12 skills): LLM red-teaming with garak/PyRIT,
  prompt injection (direct/indirect/RAG), MCP tool-poisoning, agentic tool
  invocation, guardrails, model/data poisoning, system-prompt leakage,
  embedding/vector weaknesses, model extraction, continuous red-teaming
- Supply Chain Security (NEW domain, 5 skills): SBOMs, dependency confusion,
  malicious-npm triage, typosquatting, SLSA/Sigstore provenance
- Hardware & Firmware Security (NEW domain, 4 skills): CHIPSEC/UEFI audit,
  Secure Boot bypass, TPM measured-boot attestation, ESP bootkit hunting
- Identity (10): Entra ID/ROADtools, GraphRunner, AADInternals, ADCS/Certipy,
  shadow credentials, coercion, BloodHound CE, device-code phishing, SSO abuse
- Cloud-native (8): Stratus, Pacu, CloudFox, container escape, K8s RBAC,
  Falco, Trivy, kube-bench
- Offensive C2 (6): Sliver, Havoc, NetExec, DPAPI, NTLM relay ESC8, redirectors
- DFIR (6): Hayabusa, Chainsaw, KAPE, Velociraptor, EZ Tools, Plaso
- Backfill (4): OpenCTI, MISP, honeytokens, post-quantum crypto migration

Each skill follows the repo taxonomy (SKILL.md + references/{standards,api-reference}.md
+ scripts/agent.py + LICENSE), with researched real tool commands (no placeholders),
complete frontmatter, and ATT&CK/ATLAS + NIST CSF mappings. Updates README domain
table, skill count, and index.json.
2026-06-22 19:08:16 +02:00

81 lines
3.0 KiB
Markdown

# garak CLI Reference
Source: https://github.com/NVIDIA/garak and https://reference.garak.ai/en/latest/cliref.html
## Invocation
```bash
python -m garak <options>
# or the console script
garak <options>
```
## Core flags
| Flag | Description | Example |
|------|-------------|---------|
| `--target_type` (alias `--model_type`) | Generator family / interface | `--target_type openai` |
| `--target_name` (alias `--model_name`) | Specific model name | `--target_name gpt-4o-mini` |
| `--probes`, `-p` | Comma-separated probe spec; module or `module.Class` | `--probes promptinject,dan.Dan_11_0` |
| `--detectors`, `-d` | Override detectors | `--detectors mitigation.MitigationBypass` |
| `--generations`, `-g` | Completions generated per prompt | `--generations 5` |
| `--parallel_attempts` | Parallel probe attempts (throughput) | `--parallel_attempts 8` |
| `--report_prefix` | Prefix for output report files | `--report_prefix baseline` |
| `--config` | Load a YAML/JSON run config | `--config assessment.yaml` |
| `-G` / `--generator_option_file` | JSON file with generator options (REST etc.) | `-G rest.json` |
| `--generator_options` | Inline JSON generator options | |
| `--list_probes` | Print all probes and exit | |
| `--list_detectors` | Print all detectors and exit | |
| `--list_generators` | Print all generator types and exit | |
| `--list_buffs` | Print prompt-mutating buffs | |
| `--version` | Print version | |
| `--verbose`, `-v` | Increase logging | |
## Common target_type values
| Value | Target |
|-------|--------|
| `huggingface` | Local Hugging Face model |
| `openai` | OpenAI / OpenAI-compatible API (uses `OPENAI_API_KEY`) |
| `rest` | Arbitrary HTTP endpoint via JSON spec |
| `ggml` / `nim` / `replicate` / `cohere` / `bedrock` | Other hosted/local backends |
## REST generator JSON spec keys
| Key | Meaning |
|-----|---------|
| `uri` | Endpoint URL |
| `method` | HTTP method (`post`) |
| `headers` | Request headers (supports `$ENV_VAR`) |
| `req_template_json_object` | Request body with `$INPUT` placeholder |
| `response_json` | `true` if response is JSON |
| `response_json_field` | JSONPath to extract the model output |
## Output artifacts
| File | Content |
|------|---------|
| `<prefix>.report.jsonl` | Line-delimited record of every attempt, generation, and detector verdict |
| `<prefix>.report.html` | Human-readable scorecard |
| `<prefix>.hitlog.jsonl` | Confirmed successful attacks (evidence) |
| `garak.log` | Debug log |
## Example runs
```bash
# Enumerate
garak --list_probes
# Local HF model, single jailbreak probe
python -m garak --target_type huggingface --target_name gpt2 --probes dan.Dan_11_0
# Hosted API, injection + leakage suite
export OPENAI_API_KEY="sk-..."
python -m garak --target_type openai --target_name gpt-4o-mini \
--probes promptinject,latentinjection,leakreplay \
--generations 5 --parallel_attempts 8 --report_prefix assessment
# Arbitrary REST endpoint
python -m garak --target_type rest -G rest.json --probes promptinject,dan
```