ScottLogic / prompt-injection

Application which investigates defensive measures against prompt injection attacks on an LLM, with a focus on the exposure of external tools.
MIT License

Streamline frontend send chat message network calls 🛠 #825

Open pmarsh-scottlogic opened 5 months ago

pmarsh-scottlogic commented 5 months ago

The response from sending a chat message

openai/chat takes a message like

{
    "message": "hello",
    "currentLevel": 0
}

and returns a response like:

{
    "reply": "Hello! How can I assist you today?",
    "defenceReport": {
        "blockedReason": "",
        "isBlocked": false,
        "alertedDefences": [],
        "triggeredDefences": []
    },
    "wonLevel": false,
    "isError": false,
    "openAIErrorMessage": null,
    "sentEmails": []
}

🔧 Which all looks pretty good, except that some of these things are empty or contain a default value most of the time. For example, most of the time a chat message won't result in sentEmails. And the defenceReport is simply irrelevant for levels 1 and 2.
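One way to act on this observation, as an added example that is not code from the ScottLogic/prompt-injection repository: the server drops fields from the openai/chat response when they hold their default value, and the frontend restores the defaults so the rest of the UI keeps seeing the full shape. The field names are the ones in the response above; the function names (`streamlineResponse`, `normaliseResponse`), the `emptyReport` helper and the typing of `sentEmails` entries as `unknown` are assumptions made for this example. The frontend side deliberately distinguishes an absent defenceReport (no defences ran, so not blocked) from a present but malformed one (rejected), so a broken report is never silently read as "not blocked".

```typescript
// Added example, not the project's own code. Models the openai/chat response
// shown in the issue and streamlines it by omitting default-valued fields.

interface DefenceReport {
  blockedReason: string;
  isBlocked: boolean;
  alertedDefences: string[];
  triggeredDefences: string[];
}

// Full response shape as shown in the issue. The contents of sentEmails are
// not described on the page, so entries are typed as unknown here (assumption).
interface ChatResponse {
  reply: string;
  defenceReport: DefenceReport;
  wonLevel: boolean;
  isError: boolean;
  openAIErrorMessage: string | null;
  sentEmails: unknown[];
}

// Streamlined wire shape: everything except reply may be absent.
type ChatResponseWire = Pick<ChatResponse, 'reply'> & Partial<Omit<ChatResponse, 'reply'>>;

// Fresh default report each time, so callers cannot mutate a shared object.
function emptyReport(): DefenceReport {
  return { blockedReason: '', isBlocked: false, alertedDefences: [], triggeredDefences: [] };
}

function isEmptyReport(r: DefenceReport): boolean {
  return !r.isBlocked && r.blockedReason === ''
    && r.alertedDefences.length === 0 && r.triggeredDefences.length === 0;
}

// Server side: keep only fields that differ from their default.
function streamlineResponse(full: ChatResponse): ChatResponseWire {
  const wire: ChatResponseWire = { reply: full.reply };
  if (!isEmptyReport(full.defenceReport)) wire.defenceReport = full.defenceReport;
  if (full.wonLevel) wire.wonLevel = true;
  if (full.isError) wire.isError = true;
  if (full.openAIErrorMessage !== null) wire.openAIErrorMessage = full.openAIErrorMessage;
  if (full.sentEmails.length > 0) wire.sentEmails = full.sentEmails;
  return wire;
}

const isBoolean = (v: unknown): v is boolean => typeof v === 'boolean';
const isStringOrNull = (v: unknown): v is string | null => v === null || typeof v === 'string';
const isArray = (v: unknown): v is unknown[] => Array.isArray(v);
const isStringArray = (v: unknown): v is string[] =>
  Array.isArray(v) && v.every((s) => typeof s === 'string');

// Absent -> default; present but wrongly typed -> error, never a default.
function optional<T>(value: unknown, guard: (v: unknown) => v is T, fallback: T, name: string): T {
  if (value === undefined) return fallback;
  if (!guard(value)) throw new Error(`${name} has an unexpected type`);
  return value;
}

function parseDefenceReport(x: unknown): DefenceReport {
  if (typeof x !== 'object' || x === null) throw new Error('defenceReport is not an object');
  const r = x as Record<string, unknown>;
  if (typeof r.blockedReason !== 'string' || typeof r.isBlocked !== 'boolean'
    || !isStringArray(r.alertedDefences) || !isStringArray(r.triggeredDefences)) {
    throw new Error('defenceReport has an unexpected shape');
  }
  return {
    blockedReason: r.blockedReason,
    isBlocked: r.isBlocked,
    alertedDefences: r.alertedDefences,
    triggeredDefences: r.triggeredDefences,
  };
}

// Frontend side: validate the streamlined body and fill in defaults for
// fields the server left out, returning the full ChatResponse shape.
function normaliseResponse(body: unknown): ChatResponse {
  if (typeof body !== 'object' || body === null) throw new Error('response body is not an object');
  const b = body as Record<string, unknown>;
  if (typeof b.reply !== 'string') throw new Error('reply is missing or not a string');
  return {
    reply: b.reply,
    defenceReport: b.defenceReport === undefined ? emptyReport() : parseDefenceReport(b.defenceReport),
    wonLevel: optional(b.wonLevel, isBoolean, false, 'wonLevel'),
    isError: optional(b.isError, isBoolean, false, 'isError'),
    openAIErrorMessage: optional(b.openAIErrorMessage, isStringOrNull, null, 'openAIErrorMessage'),
    sentEmails: optional(b.sentEmails, isArray, [], 'sentEmails'),
  };
}
```

With this split, the "hello" exchange above goes over the wire as just `{"reply": "Hello! How can I assist you today?"}`, while a blocked message still carries its full defenceReport, and `normaliseResponse` hands the UI the same object in both cases.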