From 24032bb9bfe04e6922fb52395eebd48ed57b0630 Mon Sep 17 00:00:00 2001 From: Raja Sekhar Rao Dheekonda Date: Tue, 17 Mar 2026 11:37:17 -0700 Subject: [PATCH 1/4] fix: Switch notebook to OpenAI gpt-4o and read keys from env vars
---
 examples/airt/agentic_red_teaming_attacks.ipynb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/examples/airt/agentic_red_teaming_attacks.ipynb b/examples/airt/agentic_red_teaming_attacks.ipynb
index 913dcf47..e8742fb9 100644
--- a/examples/airt/agentic_red_teaming_attacks.ipynb
+++ b/examples/airt/agentic_red_teaming_attacks.ipynb
@@ -52,8 +52,9 @@
 "outputs": [],
 "source": [
 "CRUCIBLE_API_KEY = os.environ[\"CRUCIBLE_API_KEY\"] # https://platform.dreadnode.io/account\n",
+ "OPENAI_API_KEY = os.environ[\"OPENAI_API_KEY\"]\n",
 "CRUCIBLE_URL = \"https://platform.dreadnode.io\"\n",
- "ATTACKER_MODEL = \"groq/meta-llama/llama-4-scout-17b-16e-instruct\"\n",
+ "ATTACKER_MODEL = \"openai/gpt-4o\"\n",
 "EVALUATOR_MODEL = ATTACKER_MODEL\n",
 "\n",
 "TOOLSHED_URL = \"https://toolshed.platform.dreadnode.io\"\n",
From cf3efc71e109fe8978351e4d7eff8fa4b4adcb26 Mon Sep 17 00:00:00 2001 From: Raja Sekhar Rao Dheekonda Date: Tue, 17 Mar 2026 11:47:12 -0700 Subject: [PATCH 2/4] fix: Add organization param and fix VaultGuard transforms reference
---
 examples/airt/agentic_red_teaming_attacks.ipynb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/airt/agentic_red_teaming_attacks.ipynb b/examples/airt/agentic_red_teaming_attacks.ipynb
index e8742fb9..5c2e9aa0 100644
--- a/examples/airt/agentic_red_teaming_attacks.ipynb
+++ b/examples/airt/agentic_red_teaming_attacks.ipynb
@@ -20,7 +20,7 @@
 "\n",
 "```bash\n",
 "export CRUCIBLE_API_KEY=\"your-api-key\" # from https://platform.dreadnode.io/account\n",
- "export GROQ_API_KEY=\"your-groq-api-key\"\n",
+ "export OPENAI_API_KEY=\"your-openai-api-key\"\n",
 "```"
 ]
 },
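Review bot: The added `OPENAI_API_KEY = os.environ["OPENAI_API_KEY"]` in the first hunk is assigned but nothing visible in the hunk consumes it; if the `openai/gpt-4o` provider is resolved by the library from the environment, the assignment is only an eager presence check and deserves a comment saying so, e.g. `# read eagerly so a missing key fails here rather than mid-attack`. A missing variable currently surfaces as a bare `KeyError` traceback; `os.environ.get("OPENAI_API_KEY")` followed by an explicit `raise RuntimeError("set OPENAI_API_KEY before running this notebook")` would tell the reader what to do. The configuration cell continues past the hunk, and the second hunk on this line only updates the markdown setup instructions.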
@@ -340,7 +340,7 @@
 " frontier_size=10,\n",
 " branching_factor=5,\n",
 " on_topic_threshold=0.3,\n",
- " hooks=[apply_input_transforms(transforms_toolshed)],\n",
+ " hooks=[apply_input_transforms(transforms_vaultguard)],\n",
 " )\n",
 " .with_(max_trials=VAULTGUARD_MAX_TRIALS)\n",
 " .add_objective(vaultguard_scorer, direction=\"maximize\", name=\"flag_capture\")\n",
From 2938a2a605ea9fb5ab660896568c6966aea7d19e Mon Sep 17 00:00:00 2001 From: Raja Sekhar Rao Dheekonda Date: Tue, 17 Mar 2026 14:05:30 -0700 Subject: [PATCH 3/4] fix: Remove hardcoded API keys from notebook and use placeholders
---
 .../airt/agentic_red_teaming_attacks.ipynb | 36 +++++++------------
 1 file changed, 12 insertions(+), 24 deletions(-)
diff --git a/examples/airt/agentic_red_teaming_attacks.ipynb b/examples/airt/agentic_red_teaming_attacks.ipynb
index 5c2e9aa0..29750749 100644
--- a/examples/airt/agentic_red_teaming_attacks.ipynb
+++ b/examples/airt/agentic_red_teaming_attacks.ipynb
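Review bot: `transforms_vaultguard` is referenced on the `+` line but defined nowhere in the hunk; confirm it is assigned in an earlier cell so the notebook survives Restart-and-Run-All, and since the old name `transforms_toolshed` suggests this attack builder was copy-pasted from the toolshed one, check the sibling arguments (`frontier_size`, `branching_factor`, `on_topic_threshold`) were meant to be shared as well. The commit title also claims an `organization` parameter was added, but the diffstat (2 insertions, 2 deletions) is fully accounted for by this hunk and the markdown one, so that part of the title does not describe anything in this patch. The builder chain this hunk edits starts before and ends after the visible lines.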
@@ -4,25 +4,7 @@
 "cell_type": "markdown",
 "id": "0",
 "metadata": {},
- "source": [
- "# Agentic AI Red Teaming\n",
- "\n",
- "Automated adversarial attacks against agentic AI challenges on\n",
- "[Dreadnode Crucible](https://platform.dreadnode.io) using the AIRT framework.\n",
- "\n",
- "| Challenge | Category | Difficulty |\n",
- "|-----------|----------|------------|\n",
- "| **toolshed** | DevOps Tool Misuse | Medium |\n",
- "| **webwhisper** | Indirect Prompt Injection | Medium |\n",
- "| **vaultguard** | Multi-Agent Defense Bypass | Hard |\n",
- "\n",
- "**Attacks**: TAP (beam search), GOAT (graph exploration), Crescendo (progressive escalation)\n",
- "\n",
- "```bash\n",
- "export CRUCIBLE_API_KEY=\"your-api-key\" # from https://platform.dreadnode.io/account\n",
- "export OPENAI_API_KEY=\"your-openai-api-key\"\n",
- "```"
- ]
+ "source": "# Agentic AI Red Teaming\n\nAutomated adversarial attacks against agentic AI challenges on\n[Dreadnode Crucible](https://platform.dreadnode.io) using the AIRT framework.\n\n| Challenge | Category | Difficulty |\n|-----------|----------|------------|\n| **toolshed** | DevOps Tool Misuse | Medium |\n| **webwhisper** | Indirect Prompt Injection | Medium |\n| **vaultguard** | Multi-Agent Defense Bypass | Hard |\n\n**Attacks**: TAP (beam search), GOAT (graph exploration), Crescendo (progressive escalation)"
 },
 {
 "cell_type": "code",
@@ -51,8 +33,8 @@
 "metadata": {},
 "outputs": [],
 "source": [
- "CRUCIBLE_API_KEY = os.environ[\"CRUCIBLE_API_KEY\"] # https://platform.dreadnode.io/account\n",
- "OPENAI_API_KEY = os.environ[\"OPENAI_API_KEY\"]\n",
+ "CRUCIBLE_API_KEY = \"your-crucible-api-key\" # https://platform.dreadnode.io/account\n",
+ "OPENAI_API_KEY = \"your-openai-api-key\"\n",
 "CRUCIBLE_URL = \"https://platform.dreadnode.io\"\n",
 "ATTACKER_MODEL = \"openai/gpt-4o\"\n",
 "EVALUATOR_MODEL = ATTACKER_MODEL\n",
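Review bot: Hardcoding `CRUCIBLE_API_KEY = "your-crucible-api-key"` and `OPENAI_API_KEY = "your-openai-api-key"` as string literals in the second hunk invites users to paste real secrets into a cell that is saved and committed with the notebook, which is the opposite of what the commit title promises and regresses the `os.environ` reads these `+` lines remove. Keep the secret out of the file with `CRUCIBLE_API_KEY = os.environ.get("CRUCIBLE_API_KEY") or getpass.getpass("Crucible API key: ")` and the same shape for `OPENAI_API_KEY` (adding `import getpass` to the imports cell), which also keeps the values out of saved cell outputs. The first hunk of this patch deletes the `export CRUCIBLE_API_KEY=...` / `export OPENAI_API_KEY=...` setup snippet from the title cell, so readers now get no guidance on where the keys come from; restore that snippet. As written the placeholder is passed straight to `dn.configure(..., token=CRUCIBLE_API_KEY)` later in the cell, so a fresh run only fails at the first authenticated call with an opaque error.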
@@ -64,7 +46,7 @@
 "MAX_TRIALS = 30\n",
 "VAULTGUARD_MAX_TRIALS = 50\n",
 "\n",
- "dn.configure(server=CRUCIBLE_URL, token=CRUCIBLE_API_KEY, organization=\"dreadnode\")\n"
+ "dn.configure(server=CRUCIBLE_URL, token=CRUCIBLE_API_KEY, organization=\"dreadnode\")"
 ]
 },
 {
@@ -438,11 +420,17 @@
 "\n",
 "4. **Content isolation between untrusted data and agent instructions** -- Treat all external content (web pages, user uploads, API responses) as untrusted. Process it in a sandboxed context where the agent cannot execute tool calls based on instructions found in the content.\n"
 ]
+ },
+ {
+ "cell_type": "markdown",
+ "id": "5fa72367",
+ "metadata": {},
+ "source": []
 }
 ],
 "metadata": {
 "kernelspec": {
- "display_name": "Python 3 (ipykernel)",
+ "display_name": "dreadnode-py3.12",
 "language": "python",
 "name": "python3"
 },
@@ -461,4 +449,4 @@
 },
 "nbformat": 4,
 "nbformat_minor": 5
-}
+}
\ No newline at end of file
From 534b0843461b678c53910ca1ed3e483b2c4b7744 Mon Sep 17 00:00:00 2001 From: Raja Sekhar Rao Dheekonda Date: Tue, 17 Mar 2026 14:08:37 -0700 Subject: [PATCH 4/4] fix: Add trailing newline to notebook
---
 examples/airt/agentic_red_teaming_attacks.ipynb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/airt/agentic_red_teaming_attacks.ipynb b/examples/airt/agentic_red_teaming_attacks.ipynb
index 29750749..af4e3983 100644
--- a/examples/airt/agentic_red_teaming_attacks.ipynb
+++ b/examples/airt/agentic_red_teaming_attacks.ipynb
@@ -449,4 +449,4 @@
 },
 "nbformat": 4,
 "nbformat_minor": 5
-}
\ No newline at end of file
+}
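Review bot: The kernelspec change in the `@@ -438,11 +420,17 @@` hunk swaps the generic `"display_name": "Python 3 (ipykernel)"` for `"dreadnode-py3.12"`, which is the author's local environment label leaking into a shared example; since `"name": "python3"` is unchanged the kernel still resolves, so the rename is purely cosmetic and should be reverted (or kernelspec metadata stripped by a pre-commit hook such as nbstripout). The same hunk appends an empty markdown cell (`"id": "5fa72367"`, `"source": []`) that carries no content and should be deleted rather than committed. The other hunks on this line and PATCH 4/4 only toggle the trailing newline and need no review.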