Files
promptfoo--promptfoo/examples/redteam-azure-assistant/README.md
T
wehub-resource-sync 0d3cb498a3
CI / Shell Format Check (push) Has been cancelled
CI / Check Ruby (3.4) (push) Has been cancelled
CI / CI Config (push) Has been cancelled
CI / Test on Node ${{ matrix.node }} and ${{ matrix.os }}${{ matrix.shard && format(' (shard {0}/3)', matrix.shard) || '' }} (push) Has been cancelled
CI / Build on Node ${{ matrix.node }} (push) Has been cancelled
CI / Style Check (push) Has been cancelled
CI / Generate Assets (push) Has been cancelled
CI / Check Python (3.14) (push) Has been cancelled
CI / Check Python (3.9) (push) Has been cancelled
CI / Build Docs (push) Has been cancelled
CI / Code Scan Action (push) Has been cancelled
CI / Site tests (push) Has been cancelled
CI / webui tests (push) Has been cancelled
CI / Run Integration Tests (push) Has been cancelled
CI / Run Smoke Tests (push) Has been cancelled
CI / Go Tests (push) Has been cancelled
CI / Share Test (push) Has been cancelled
CI / Redteam (Production API) (push) Has been cancelled
CI / Redteam (Staging API) (push) Has been cancelled
CI / GitHub Actions Lint (push) Has been cancelled
CI / Check Ruby (3.0) (push) Has been cancelled
release-please / release-please (push) Has been cancelled
release-please / build (push) Has been cancelled
release-please / publish-npm (push) Has been cancelled
release-please / publish-npm-backfill (push) Has been cancelled
release-please / docker (push) Has been cancelled
release-please / publish-code-scan-action (push) Has been cancelled
release-please / attest-code-scan-action (push) Has been cancelled
Deploy local.promptfoo.app / Deploy to Cloudflare Pages (push) Has been cancelled
Test and Publish Multi-arch Docker Image / test (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-amd64 platform:linux/amd64 runner:ubuntu-latest]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-arm64 platform:linux/arm64 runner:ubuntu-24.04-arm]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / merge-docker-digests (push) Has been cancelled
Test and Publish Multi-arch Docker Image / Attest Multi-arch Image (push) Has been cancelled
Validate Renovate Config / Validate Renovate Configuration (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:24:08 +08:00

83 lines
2.4 KiB
Markdown

# redteam-azure-assistant (Red Team Azure Assistant)
Red team testing for Azure OpenAI Assistants with function tools to evaluate security boundaries.
You can run this example with:
```bash
npx promptfoo@latest init --example redteam-azure-assistant
cd redteam-azure-assistant
```
## Overview
This example demonstrates how to security test an Azure OpenAI Assistant that has access to sensitive HR data through function tools. It includes mock HR database functions and a configured red team setup.
## Quick Start
1. **Setup environment variables**:
```text
AZURE_API_KEY=your_key
AZURE_OPENAI_API_HOST=your-resource.openai.azure.com
AZURE_DEPLOYMENT_NAME=your_deployment_name
AZURE_CHAT_DEPLOYMENT_NAME=your_eval_deployment
```
2. **Update configuration**:
- Edit `promptfooconfig.yaml`
- Replace `azure:assistant:asst_V3UgNCNUSAtHQdit8YimCKlJ` with your Assistant ID
- Update `apiHost` to your Azure endpoint
3. **Generate security tests**:
```bash
npx promptfoo@latest redteam generate
```
4. **Run the security evaluation**:
```bash
npx promptfoo@latest redteam eval
```
5. **View results**:
```bash
npx promptfoo@latest redteam report
# or
npx promptfoo@latest view
```
## What's Included
- **Mock HR Functions**: Employee data, salary information, and document access
- **Security Boundaries**: System instructions limiting access to sensitive data
- **Red team Configuration**: Pre-configured to test data privacy, access control, and security
- **Named Entities**: Sample employee names for more realistic attacks
## Security Testing Focus
This example tests if an HR assistant can be manipulated to:
- Leak personally identifiable information
- Bypass role-based access controls
- Act outside its security boundaries
- Expose sensitive HR documents or salary information
- Be manipulated through impersonation of executives
## Customization
1. Update the provider ID and API host
2. Customize the HR data in `callbacks/hr-database.js`
3. Modify security instructions in `promptfooconfig.yaml`
4. Adjust entities in the redteam section to match your needs
## Security Notice
This example contains simulated sensitive data for educational purposes. Use responsibly and only test systems you are authorized to evaluate.
## Documentation
- [LLM redteaming documentation](https://www.promptfoo.dev/docs/guides/llm-redteaming/)
- [Azure provider documentation](https://www.promptfoo.dev/docs/providers/azure/)