Documentation
¶
Overview ¶
Package detection provides the vulnerability detection engine for LLM responses
Package detection provides the vulnerability detection engine for LLM responses ¶
Package detection provides the vulnerability detection engine for LLM responses ¶
Package detection provides the vulnerability detection engine for LLM responses ¶
Package detection provides the vulnerability detection engine for LLM responses ¶
Package detection provides the vulnerability detection engine for LLM responses ¶
Package detection provides the vulnerability detection engine for LLM responses
Index ¶
- type BatchDetectionRequest
- type BatchDetectionResult
- type DefaultDetectionEngine
- func (e *DefaultDetectionEngine) BatchDetect(ctx context.Context, requests []BatchDetectionRequest) ([]BatchDetectionResult, error)
- func (e *DefaultDetectionEngine) Detect(ctx context.Context, response string, criteria []DetectionCriteria) ([]*DetectionResult, error)
- func (e *DefaultDetectionEngine) DetectWithDetector(ctx context.Context, response string, criteria DetectionCriteria, ...) (*DetectionResult, error)
- func (e *DefaultDetectionEngine) GetDetector(name string) (VulnerabilityDetector, bool)
- func (e *DefaultDetectionEngine) ListDetectors() []string
- func (e *DefaultDetectionEngine) RegisterDetector(detector VulnerabilityDetector)
- func (e *DefaultDetectionEngine) RegisterPostHook(hook DetectionHook)
- func (e *DefaultDetectionEngine) RegisterPreHook(hook DetectionHook)
- func (e *DefaultDetectionEngine) SetRemediationProvider(provider RemediationProvider)
- func (e *DefaultDetectionEngine) SetStandardMappingProvider(provider StandardMappingProvider)
- type DefaultEmbeddingService
- type DefaultRemediationProvider
- type DefaultStandardMappingProvider
- type DetectionCriteria
- type DetectionEngine
- type DetectionHook
- type DetectionInput
- type DetectionMethod
- type DetectionResult
- type Detector
- type EmbeddingProvider
- type EmbeddingService
- type Engine
- type Factory
- func (f *Factory) CreateDetectionEngine() *DefaultDetectionEngine
- func (f *Factory) CreateEmbeddingService(provider EmbeddingProvider) *DefaultEmbeddingService
- func (f *Factory) CreateHybridMatcher(semanticMatcher *SemanticMatcher) *HybridMatcher
- func (f *Factory) CreateMockEmbeddingProvider() *MockEmbeddingProvider
- func (f *Factory) CreateRegexMatcher() *RegexMatcher
- func (f *Factory) CreateRemediationProvider() *DefaultRemediationProvider
- func (f *Factory) CreateSemanticMatcher(embeddingService EmbeddingService) *SemanticMatcher
- func (f *Factory) CreateStandardMappingProvider() *DefaultStandardMappingProvider
- func (f *Factory) CreateStringMatcher() *StringMatcher
- type HybridMatcher
- type MockEmbeddingProvider
- type RegexMatcher
- type RemediationProvider
- type Result
- type SemanticMatcher
- type SeverityLevel
- type StandardMapping
- type StandardMappingProvider
- type StringMatcher
- type Template
- type TemplateDetection
- type TemplateInfo
- type TemplateIntegration
- func (i *TemplateIntegration) BatchDetectFromTemplates(ctx context.Context, templates []*Template, response string) ([]*TemplateResult, error)
- func (i *TemplateIntegration) ConvertTemplateToCriteria(template *Template) ([]DetectionCriteria, error)
- func (i *TemplateIntegration) DetectFromTemplate(ctx context.Context, template *Template, response string) (*TemplateResult, error)
- type TemplateResult
- type TemplateTest
- type TemplateVariation
- type VulnerabilityDetector
- type VulnerabilityType
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BatchDetectionRequest ¶
type BatchDetectionRequest struct {
// Response is the LLM response to analyze
Response string `json:"response"`
// Criteria is the list of detection criteria to apply
Criteria []DetectionCriteria `json:"criteria"`
// DetectorName is the optional name of a specific detector to use
DetectorName string `json:"detector_name,omitempty"`
}
BatchDetectionRequest represents a request for batch detection
type BatchDetectionResult ¶
type BatchDetectionResult struct {
// Response is the LLM response that was analyzed
Response string `json:"response"`
// Results is the list of detection results
Results []*DetectionResult `json:"results"`
// Error is any error that occurred during detection
Error string `json:"error,omitempty"`
}
BatchDetectionResult represents the result of a batch detection
type DefaultDetectionEngine ¶
type DefaultDetectionEngine struct {
// contains filtered or unexported fields
}
DefaultDetectionEngine is the default implementation of the DetectionEngine interface
func NewDetectionEngine ¶
func NewDetectionEngine() *DefaultDetectionEngine
NewDetectionEngine creates a new default detection engine
func (*DefaultDetectionEngine) BatchDetect ¶
func (e *DefaultDetectionEngine) BatchDetect(ctx context.Context, requests []BatchDetectionRequest) ([]BatchDetectionResult, error)
BatchDetect performs batch detection of vulnerabilities
func (*DefaultDetectionEngine) Detect ¶
func (e *DefaultDetectionEngine) Detect(ctx context.Context, response string, criteria []DetectionCriteria) ([]*DetectionResult, error)
Detect detects vulnerabilities in an LLM response using all registered detectors
func (*DefaultDetectionEngine) DetectWithDetector ¶
func (e *DefaultDetectionEngine) DetectWithDetector(ctx context.Context, response string, criteria DetectionCriteria, detectorName string) (*DetectionResult, error)
DetectWithDetector detects vulnerabilities in an LLM response using a specific detector
func (*DefaultDetectionEngine) GetDetector ¶
func (e *DefaultDetectionEngine) GetDetector(name string) (VulnerabilityDetector, bool)
GetDetector gets a detector by name
func (*DefaultDetectionEngine) ListDetectors ¶
func (e *DefaultDetectionEngine) ListDetectors() []string
ListDetectors lists all registered detectors
func (*DefaultDetectionEngine) RegisterDetector ¶
func (e *DefaultDetectionEngine) RegisterDetector(detector VulnerabilityDetector)
RegisterDetector registers a vulnerability detector
func (*DefaultDetectionEngine) RegisterPostHook ¶
func (e *DefaultDetectionEngine) RegisterPostHook(hook DetectionHook)
RegisterPostHook registers a hook to run after detection
func (*DefaultDetectionEngine) RegisterPreHook ¶
func (e *DefaultDetectionEngine) RegisterPreHook(hook DetectionHook)
RegisterPreHook registers a hook to run before detection
func (*DefaultDetectionEngine) SetRemediationProvider ¶
func (e *DefaultDetectionEngine) SetRemediationProvider(provider RemediationProvider)
SetRemediationProvider sets the remediation provider
func (*DefaultDetectionEngine) SetStandardMappingProvider ¶
func (e *DefaultDetectionEngine) SetStandardMappingProvider(provider StandardMappingProvider)
SetStandardMappingProvider sets the standard mapping provider
type DefaultEmbeddingService ¶
type DefaultEmbeddingService struct {
// contains filtered or unexported fields
}
DefaultEmbeddingService is the default implementation of the EmbeddingService interface
func NewEmbeddingService ¶
func NewEmbeddingService(provider EmbeddingProvider) *DefaultEmbeddingService
NewEmbeddingService creates a new embedding service
func (*DefaultEmbeddingService) GetEmbedding ¶
GetEmbedding gets an embedding for a text
func (*DefaultEmbeddingService) GetSimilarity ¶
func (s *DefaultEmbeddingService) GetSimilarity(ctx context.Context, text1, text2 string) (float64, error)
GetSimilarity gets the similarity between two texts
type DefaultRemediationProvider ¶
type DefaultRemediationProvider struct {
// contains filtered or unexported fields
}
DefaultRemediationProvider is the default implementation of the RemediationProvider interface
func NewRemediationProvider ¶
func NewRemediationProvider() *DefaultRemediationProvider
NewRemediationProvider creates a new remediation provider
func (*DefaultRemediationProvider) GetRemediation ¶
func (p *DefaultRemediationProvider) GetRemediation(ctx context.Context, result *DetectionResult) (string, error)
GetRemediation gets a remediation suggestion for a detected vulnerability
func (*DefaultRemediationProvider) RegisterRemediation ¶
func (p *DefaultRemediationProvider) RegisterRemediation(vulnType VulnerabilityType, remediation string)
RegisterRemediation registers a remediation suggestion
type DefaultStandardMappingProvider ¶
type DefaultStandardMappingProvider struct {
// contains filtered or unexported fields
}
DefaultStandardMappingProvider is the default implementation of the StandardMappingProvider interface
func NewStandardMappingProvider ¶
func NewStandardMappingProvider() *DefaultStandardMappingProvider
NewStandardMappingProvider creates a new standard mapping provider
func (*DefaultStandardMappingProvider) GetStandardMappings ¶
func (p *DefaultStandardMappingProvider) GetStandardMappings(ctx context.Context, vulnType VulnerabilityType, severity SeverityLevel) ([]StandardMapping, error)
GetStandardMappings gets standard mappings for a detected vulnerability
func (*DefaultStandardMappingProvider) RegisterMapping ¶
func (p *DefaultStandardMappingProvider) RegisterMapping(vulnType VulnerabilityType, severity SeverityLevel, mapping StandardMapping)
RegisterMapping registers a standard mapping
type DetectionCriteria ¶
type DetectionCriteria struct {
// Type is the type of detection method to use
Type DetectionMethod `json:"type"`
// Pattern is the pattern to match (for regex_match)
Pattern string `json:"pattern,omitempty"`
// Match is the string to match (for string_match)
Match string `json:"match,omitempty"`
// Criteria is the criteria for semantic matching (for semantic_match)
Criteria string `json:"criteria,omitempty"`
// FunctionName is the name of the custom function to use (for custom_function)
FunctionName string `json:"function_name,omitempty"`
// Condition is the condition to apply (e.g., "contains", "not_contains")
Condition string `json:"condition,omitempty"`
// Threshold is the threshold for semantic matching (0-100)
Threshold int `json:"threshold,omitempty"`
// CaseSensitive indicates whether the match should be case-sensitive
CaseSensitive bool `json:"case_sensitive,omitempty"`
// Context provides additional context for the detection
Context map[string]interface{} `json:"context,omitempty"`
}
DetectionCriteria represents the criteria for detecting a vulnerability
type DetectionEngine ¶
type DetectionEngine interface {
// RegisterDetector registers a vulnerability detector
RegisterDetector(detector VulnerabilityDetector)
// GetDetector gets a detector by name
GetDetector(name string) (VulnerabilityDetector, bool)
// ListDetectors lists all registered detectors
ListDetectors() []string
// Detect detects vulnerabilities in an LLM response using all registered detectors
Detect(ctx context.Context, response string, criteria []DetectionCriteria) ([]*DetectionResult, error)
// DetectWithDetector detects vulnerabilities in an LLM response using a specific detector
DetectWithDetector(ctx context.Context, response string, criteria DetectionCriteria, detectorName string) (*DetectionResult, error)
}
DetectionEngine is the main interface for the vulnerability detection engine
type DetectionHook ¶
type DetectionHook func(ctx context.Context, response string, criteria DetectionCriteria, result *DetectionResult) error
DetectionHook is a function that runs before or after detection
type DetectionInput ¶
type DetectionInput struct {
Template management.Template `json:"template"`
Provider provider.Provider `json:"provider"`
Request *provider.Request `json:"request,omitempty"`
Response *provider.Response `json:"response,omitempty"`
Context map[string]interface{} `json:"context,omitempty"`
}
DetectionInput represents input for vulnerability detection
type DetectionMethod ¶
type DetectionMethod string
DetectionMethod represents the method used to detect a vulnerability
const ( StringMatch DetectionMethod = "string_match" RegexMatch DetectionMethod = "regex_match" SemanticMatch DetectionMethod = "semantic_match" CustomFunction DetectionMethod = "custom_function" HybridMatch DetectionMethod = "hybrid_match" )
Standard detection methods
type DetectionResult ¶
type DetectionResult struct {
// Detected indicates whether a vulnerability was detected
Detected bool `json:"detected"`
// VulnerabilityType is the type of vulnerability detected
VulnerabilityType VulnerabilityType `json:"vulnerability_type"`
// Severity is the severity level of the detected vulnerability
Severity SeverityLevel `json:"severity"`
// ConfidenceScore is the confidence score of the detection (0-100)
ConfidenceScore int `json:"confidence_score"`
// DetectionMethod is the method used to detect the vulnerability
DetectionMethod DetectionMethod `json:"detection_method"`
// StandardMappings maps the vulnerability to standard security frameworks
StandardMappings []StandardMapping `json:"standard_mappings,omitempty"`
// MatchedContent is the content that matched the detection criteria
MatchedContent []string `json:"matched_content,omitempty"`
// Context provides additional context about the detection
Context map[string]interface{} `json:"context,omitempty"`
// Timestamp is the time when the detection occurred
Timestamp time.Time `json:"timestamp"`
// RemediationSuggestion provides suggestions for remediation
RemediationSuggestion string `json:"remediation_suggestion,omitempty"`
}
DetectionResult represents the result of a vulnerability detection
type Detector ¶
type Detector interface {
Detect(ctx context.Context, input *DetectionInput) (*Result, error)
GetType() string
GetSeverity() string
}
Detector interface for specific vulnerability detectors
type EmbeddingProvider ¶
type EmbeddingProvider interface {
// GetEmbedding gets an embedding for a text
GetEmbedding(ctx context.Context, text string) ([]float64, error)
// GetName returns the name of the provider
GetName() string
}
EmbeddingProvider is the interface for generating embeddings
type EmbeddingService ¶
type EmbeddingService interface {
// GetEmbedding gets an embedding for a text
GetEmbedding(ctx context.Context, text string) ([]float64, error)
// GetSimilarity gets the similarity between two texts
GetSimilarity(ctx context.Context, text1, text2 string) (float64, error)
}
EmbeddingService is the interface for generating embeddings
type Engine ¶
type Engine interface {
Execute(ctx context.Context, template management.Template, provider provider.Provider) (*Result, error)
Validate(template management.Template) error
GetSupportedTemplateTypes() []string
}
Engine interface for vulnerability detection
type Factory ¶
type Factory struct{}
Factory is a factory for creating detection engine components
func (*Factory) CreateDetectionEngine ¶
func (f *Factory) CreateDetectionEngine() *DefaultDetectionEngine
CreateDetectionEngine creates a new detection engine with all standard components
func (*Factory) CreateEmbeddingService ¶
func (f *Factory) CreateEmbeddingService(provider EmbeddingProvider) *DefaultEmbeddingService
CreateEmbeddingService creates a new embedding service
func (*Factory) CreateHybridMatcher ¶
func (f *Factory) CreateHybridMatcher(semanticMatcher *SemanticMatcher) *HybridMatcher
CreateHybridMatcher creates a new hybrid matcher
func (*Factory) CreateMockEmbeddingProvider ¶
func (f *Factory) CreateMockEmbeddingProvider() *MockEmbeddingProvider
CreateMockEmbeddingProvider creates a new mock embedding provider
func (*Factory) CreateRegexMatcher ¶
func (f *Factory) CreateRegexMatcher() *RegexMatcher
CreateRegexMatcher creates a new regex matcher
func (*Factory) CreateRemediationProvider ¶
func (f *Factory) CreateRemediationProvider() *DefaultRemediationProvider
CreateRemediationProvider creates a new remediation provider
func (*Factory) CreateSemanticMatcher ¶
func (f *Factory) CreateSemanticMatcher(embeddingService EmbeddingService) *SemanticMatcher
CreateSemanticMatcher creates a new semantic matcher
func (*Factory) CreateStandardMappingProvider ¶
func (f *Factory) CreateStandardMappingProvider() *DefaultStandardMappingProvider
CreateStandardMappingProvider creates a new standard mapping provider
func (*Factory) CreateStringMatcher ¶
func (f *Factory) CreateStringMatcher() *StringMatcher
CreateStringMatcher creates a new string matcher
type HybridMatcher ¶
type HybridMatcher struct {
// contains filtered or unexported fields
}
HybridMatcher is a detector that combines multiple detection methods
func NewHybridMatcher ¶
func NewHybridMatcher(semanticMatcher *SemanticMatcher) *HybridMatcher
NewHybridMatcher creates a new hybrid matcher
func (*HybridMatcher) Detect ¶
func (d *HybridMatcher) Detect(ctx context.Context, response string, criteria DetectionCriteria) (*DetectionResult, error)
Detect detects vulnerabilities in an LLM response
func (*HybridMatcher) Name ¶
func (d *HybridMatcher) Name() string
Name returns the name of the detector
type MockEmbeddingProvider ¶
type MockEmbeddingProvider struct{}
MockEmbeddingProvider is a mock implementation of the EmbeddingProvider interface
func NewMockEmbeddingProvider ¶
func NewMockEmbeddingProvider() *MockEmbeddingProvider
NewMockEmbeddingProvider creates a new mock embedding provider
func (*MockEmbeddingProvider) GetEmbedding ¶
GetEmbedding gets a mock embedding for a text
func (*MockEmbeddingProvider) GetName ¶
func (p *MockEmbeddingProvider) GetName() string
GetName returns the name of the provider
type RegexMatcher ¶
type RegexMatcher struct{}
RegexMatcher is a detector that matches regex patterns in LLM responses
func NewRegexMatcher ¶
func NewRegexMatcher() *RegexMatcher
NewRegexMatcher creates a new regex matcher
func (*RegexMatcher) Detect ¶
func (d *RegexMatcher) Detect(ctx context.Context, response string, criteria DetectionCriteria) (*DetectionResult, error)
Detect detects vulnerabilities in an LLM response
func (*RegexMatcher) Name ¶
func (d *RegexMatcher) Name() string
Name returns the name of the detector
type RemediationProvider ¶
type RemediationProvider interface {
// GetRemediation gets a remediation suggestion for a detected vulnerability
GetRemediation(ctx context.Context, result *DetectionResult) (string, error)
}
RemediationProvider is the interface for providing remediation suggestions
type Result ¶
type Result struct {
VulnerabilityDetected bool `json:"vulnerability_detected"`
Title string `json:"title,omitempty"`
Description string `json:"description,omitempty"`
Severity string `json:"severity,omitempty"`
Category string `json:"category,omitempty"`
Evidence map[string]interface{} `json:"evidence,omitempty"`
Remediation string `json:"remediation,omitempty"`
Confidence float64 `json:"confidence,omitempty"`
Timestamp time.Time `json:"timestamp"`
Metadata map[string]interface{} `json:"metadata,omitempty"`
}
Result represents the result of a vulnerability detection
type SemanticMatcher ¶
type SemanticMatcher struct {
// contains filtered or unexported fields
}
SemanticMatcher is a detector that performs semantic matching on LLM responses
func NewSemanticMatcher ¶
func NewSemanticMatcher(embedder EmbeddingService) *SemanticMatcher
NewSemanticMatcher creates a new semantic matcher
func (*SemanticMatcher) Detect ¶
func (d *SemanticMatcher) Detect(ctx context.Context, response string, criteria DetectionCriteria) (*DetectionResult, error)
Detect detects vulnerabilities in an LLM response
func (*SemanticMatcher) Name ¶
func (d *SemanticMatcher) Name() string
Name returns the name of the detector
type SeverityLevel ¶
type SeverityLevel string
SeverityLevel represents the severity of a detected vulnerability
const ( Critical SeverityLevel = "critical" High SeverityLevel = "high" Medium SeverityLevel = "medium" Low SeverityLevel = "low" Info SeverityLevel = "info" )
Standard severity levels
type StandardMapping ¶
type StandardMapping struct {
// Standard is the name of the standard (e.g., "OWASP Top 10 for LLMs", "ISO/IEC 42001")
Standard string `json:"standard"`
// ID is the identifier within the standard (e.g., "LLM01", "8.2.3")
ID string `json:"id"`
// Name is the name of the item within the standard
Name string `json:"name"`
// URL is a link to more information about the standard item
URL string `json:"url,omitempty"`
}
StandardMapping represents a mapping to a standard security framework
type StandardMappingProvider ¶
type StandardMappingProvider interface {
// GetStandardMappings gets standard mappings for a detected vulnerability
GetStandardMappings(ctx context.Context, vulnType VulnerabilityType, severity SeverityLevel) ([]StandardMapping, error)
}
StandardMappingProvider is the interface for mapping vulnerabilities to standards
type StringMatcher ¶
type StringMatcher struct{}
StringMatcher is a detector that matches strings in LLM responses
func NewStringMatcher ¶
func NewStringMatcher() *StringMatcher
NewStringMatcher creates a new string matcher
func (*StringMatcher) Detect ¶
func (d *StringMatcher) Detect(ctx context.Context, response string, criteria DetectionCriteria) (*DetectionResult, error)
Detect detects vulnerabilities in an LLM response
func (*StringMatcher) Name ¶
func (d *StringMatcher) Name() string
Name returns the name of the detector
type Template ¶
type Template struct {
ID string
Info TemplateInfo
Test TemplateTest
}
Template represents a simplified template structure
type TemplateDetection ¶
type TemplateDetection struct {
Type string
Match string
Pattern string
Criteria string
Condition string
}
TemplateDetection represents detection criteria in a template
type TemplateInfo ¶
type TemplateInfo struct {
ID string
Name string
Description string
Severity string
Tags []string
Compliance struct {
OWASP string
ISO string
}
}
TemplateInfo represents template information
type TemplateIntegration ¶
type TemplateIntegration struct {
// contains filtered or unexported fields
}
TemplateIntegration provides integration with template systems
func NewTemplateIntegration ¶
func NewTemplateIntegration(engine DetectionEngine) *TemplateIntegration
NewTemplateIntegration creates a new template integration
func (*TemplateIntegration) BatchDetectFromTemplates ¶
func (i *TemplateIntegration) BatchDetectFromTemplates(ctx context.Context, templates []*Template, response string) ([]*TemplateResult, error)
BatchDetectFromTemplates detects vulnerabilities using multiple templates
func (*TemplateIntegration) ConvertTemplateToCriteria ¶
func (i *TemplateIntegration) ConvertTemplateToCriteria(template *Template) ([]DetectionCriteria, error)
ConvertTemplateToCriteria converts a template to detection criteria
func (*TemplateIntegration) DetectFromTemplate ¶
func (i *TemplateIntegration) DetectFromTemplate(ctx context.Context, template *Template, response string) (*TemplateResult, error)
DetectFromTemplate detects vulnerabilities using a template
type TemplateResult ¶
type TemplateResult struct {
TemplateID string
Status string
StartTime time.Time
EndTime time.Time
Duration time.Duration
Error error
Response string
Detected bool
Score int
Details map[string]interface{}
}
TemplateResult represents the result of a template execution
type TemplateTest ¶
type TemplateTest struct {
Prompt string
Detection TemplateDetection
Variations []TemplateVariation
}
TemplateTest represents the test section of a template
type TemplateVariation ¶
type TemplateVariation struct {
Prompt string
Detection TemplateDetection
}
TemplateVariation represents a variation of a template test
type VulnerabilityDetector ¶
type VulnerabilityDetector interface {
// Detect detects vulnerabilities in an LLM response
Detect(ctx context.Context, response string, criteria DetectionCriteria) (*DetectionResult, error)
// Name returns the name of the detector
Name() string
}
VulnerabilityDetector is the interface for detecting vulnerabilities in LLM responses
type VulnerabilityType ¶
type VulnerabilityType string
VulnerabilityType represents the type of vulnerability detected
const ( // Prompt injection vulnerabilities PromptInjection VulnerabilityType = "prompt_injection" // Sensitive information disclosure SensitiveInfoDisclosure VulnerabilityType = "sensitive_info_disclosure" // Jailbreak attempts Jailbreak VulnerabilityType = "jailbreak" // Harmful content generation HarmfulContent VulnerabilityType = "harmful_content" // Insecure code generation InsecureCode VulnerabilityType = "insecure_code" // Data poisoning DataPoisoning VulnerabilityType = "data_poisoning" // Model denial of service ModelDoS VulnerabilityType = "model_dos" // Indirect prompt injection IndirectPromptInjection VulnerabilityType = "indirect_prompt_injection" UnauthorizedAccess VulnerabilityType = "unauthorized_access" // Overreliance Overreliance VulnerabilityType = "overreliance" )
Standard vulnerability types