New Red-Team Run
Configure and launch a security scan against your AI application.
Choose a Template
| Template | Description |
|---|---|
| OpenAI-Compatible | LiteLLM, vLLM, Ollama |
| Custom Agent | Auth, roles, tools |
| Full Config | All options |
| Quick Test | Minimal, 1 round |
| MCP Server | stdio, SSE, HTTP |
Configuration
Edit the JSON below or use a template above. baseUrl and applicationDetails are the key fields to update.
Configuration Reference — Attack Categories, Strategies & Parameters
KEY PARAMETERS
| Field | Default | Description |
|---|---|---|
| target.baseUrl | — | Your app's URL (use host.docker.internal for local) |
| target.agentEndpoint | — | Chat/agent API path (e.g., /api/chat, /v1/chat/completions) |
| target.applicationDetails | — | Describe your app — tools, roles, data access. More detail = better attacks |
| attackConfig.adaptiveRounds | 3 | Number of attack rounds (each adapts based on prior results) |
| attackConfig.maxAttacksPerCategory | 15 | Max attacks generated per category per round |
| attackConfig.llmProvider | anthropic | anthropic, openai, or openrouter |
| attackConfig.enableLlmGeneration | true | Use AI to generate novel attacks (disable for seed-only) |
| attackConfig.enableAdaptiveMultiTurn | true | Auto-generate multi-turn conversation attacks |
| attackConfig.enableDiscovery | false | Run reconnaissance round to discover tools/surfaces before attacking |
| attackConfig.enabledCategories | all | Array of category IDs to test (empty = all 139 categories) |
| sensitivePatterns | [] | Strings that should never appear in responses (API keys, passwords, etc.) |
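A pre-flight check for a run configuration, applying the defaults from the table before launch. This is an added example, not the tool's own code: `preflight`, `leaked_patterns`, the nested JSON layout inferred from the dotted field names, the treatment of "—" fields as required, and substring matching for `sensitivePatterns` are all assumptions.

```python
import copy
from urllib.parse import urlsplit

# Defaults copied from the KEY PARAMETERS table.
ATTACK_DEFAULTS = {
    "adaptiveRounds": 3, "maxAttacksPerCategory": 15, "llmProvider": "anthropic",
    "enableLlmGeneration": True, "enableAdaptiveMultiTurn": True,
    "enableDiscovery": False, "enabledCategories": [],  # empty = all categories
}
PROVIDERS = ("anthropic", "openai", "openrouter")
# Assumption: fields whose default is shown as "—" must be supplied.
TARGET_FIELDS = ("baseUrl", "agentEndpoint", "applicationDetails")

def preflight(config):
    """Return (config with table defaults applied, list of problems)."""
    cfg = copy.deepcopy(config)  # never mutate the caller's dict
    attack = {**ATTACK_DEFAULTS, **cfg.get("attackConfig", {})}
    cfg["attackConfig"] = attack
    cfg.setdefault("sensitivePatterns", [])
    target, problems = cfg.get("target", {}), []
    for field in TARGET_FIELDS:
        if not str(target.get(field, "")).strip():
            problems.append(f"target.{field} is missing")
    host = urlsplit(str(target.get("baseUrl", ""))).hostname
    if host in ("localhost", "127.0.0.1"):
        problems.append("target.baseUrl: use host.docker.internal for a local app")
    if attack["llmProvider"] not in PROVIDERS:
        problems.append(f"attackConfig.llmProvider {attack['llmProvider']!r} is not listed")
    for key in ("adaptiveRounds", "maxAttacksPerCategory"):
        value = attack[key]
        # Assumption: both counts must be integers >= 1 (bool is rejected explicitly).
        if isinstance(value, bool) or not isinstance(value, int) or value < 1:
            problems.append(f"attackConfig.{key} must be a positive integer")
    if not cfg["sensitivePatterns"]:
        problems.append("sensitivePatterns is empty: no response strings will be checked")
    return cfg, problems

def leaked_patterns(response_text, patterns):
    """Assumption: a pattern matches as a case-sensitive substring."""
    return [p for p in patterns if p and p in response_text]

# Constructed sample configuration (values are illustrative, not from the page).
SAMPLE = {
    "target": {"baseUrl": "http://localhost:3000", "agentEndpoint": "/api/chat",
               "applicationDetails": "Support bot with an order-lookup tool"},
    "attackConfig": {"adaptiveRounds": 1, "llmProvider": "azure"},
    "sensitivePatterns": ["sk-constructed-example-key"],
}
```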
ATTACK CATEGORIES
ATTACK STRATEGIES (use in enabledStrategies array — empty = all)