Merge remote-tracking branch 'origin/200-total-score-is-zero-when-partial-score-is-not' into 232-add-tap-attack

Author: franconicola

CHANGELOG.md

@@ -1,3 +1,75 @@
+## v0.5.0 (2026-02-17)
+
+### ✨ Features
+
+- **FlipAttack**: The FlipAttack technique was introduced.
+- **FlipAttack**: The FlipAttack technique was introduced. It is also tested in the test folder
+
+### 🐛🚑️ Fixes
+
+- the error on the JSON serialization with the OpenAI SDK is fixed
+
+### ♻️ Refactorings
+
+- **generator-and-judge**: We add the RAG within our demo
+- **generator-and-judge**: We add the RAG within our demo
+- **Refactoring-attacks**: refactoring attacks code with folders for evaluator and generator
+
+### build
+
+- **deps**: bump urllib3 from 2.5.0 to 2.6.3
+- **deps**: bump urllib3 from 2.5.0 to 2.6.3
+
+### bump
+
+- **deps**: bump litellm from 1.81.8 to 1.81.12
+- **deps-dev**: bump ruff from 0.15.0 to 0.15.1
+- **deps**: bump openai from 2.17.0 to 2.21.0
+- **deps**: bump textual from 7.5.0 to 8.0.0
+- **deps-dev**: bump commitizen from 4.13.5 to 4.13.7
+- **deps-dev**: bump openapi-python-client from 0.28.1 to 0.28.2
+- **deps-dev**: bump google-adk from 1.24.1 to 1.25.0
+- **deps-dev**: bump ruff from 0.14.14 to 0.15.0
+- **deps**: bump rich from 14.3.1 to 14.3.2
+- **deps**: bump litellm from 1.81.5 to 1.81.8
+- **deps-dev**: bump google-adk from 1.24.0 to 1.24.1
+- **deps-dev**: bump mcp from 1.25.0 to 1.26.0
+- **deps-dev**: bump google-adk from 1.23.0 to 1.24.0
+- **deps**: bump openai from 2.16.0 to 2.17.0
+- **deps-dev**: bump commitizen from 4.12.1 to 4.13.5
+- **deps**: bump litellm from 1.81.1 to 1.81.5
+- **deps**: bump textual from 7.4.0 to 7.5.0
+- **deps**: bump openai from 2.15.0 to 2.16.0
+- **deps**: bump rich from 14.2.0 to 14.3.1
+- **deps**: bump textual from 7.3.0 to 7.4.0
+
+### fix
+
+- **tests**: fix JSON serialization issue
+- **tests**: fix JSON serialization issue
+
+### style
+
+- apply ruff formatting
+
+### ✅🤡🧪 Tests
+
+- In examples\langchain\rag there is a test using an AdvPrefix attack with a RAG use case, using a custom LangChain-based endpoint with OpenAI interfaces
+- In examples\langchain\rag there is a test showing an advprefix attack in a RAG scenario using a custom endpoint with LangChain based on OpenAI interfaces
+
+### 📝💡 Documentation
+
+- **Risks-profile**: Adding risk profiles within the documentation
+- **Risks**: Adding risks and related vulnerabilities with profiles
+
+### 🔥⚰️ Clean up
+
+- removed test rag lmstudio script
+
+### 🫥 fixup
+
+- reformatted attack py
+
 ## v0.4.4 (2026-01-27)
 
 ### 🐛🚑️ Fixes

docs/docs/agents/google-adk.md

@@ -7,7 +7,7 @@ slug: /agents/google-adk
 
 Google Agent Development Kit (ADK) is a framework for building conversational AI agents with tool-calling capabilities. HackAgent provides native support for testing ADK-based agents.
 
-## 🔧 Setup
+## Setup
 
 ### Prerequisites
 
@@ -46,7 +46,7 @@ Google Agent Development Kit (ADK) is a framework for building conversational AI
    pip install hackagent
    ```
 
-## 🚀 Basic Integration
+## Basic Integration
 
 ### Initialize HackAgent Client
 
@@ -71,7 +71,7 @@ The SDK automatically handles ADK-specific features:
 - **Response Parsing**: Extraction of agent responses and metadata
 - **Error Handling**: ADK-specific error scenarios
 
-## ⚔️ Running Security Tests
+## Running Security Tests
 
 ### Basic AdvPrefix Attack
 
@@ -141,7 +141,7 @@ def test_adk_security():
     agent.hack(attack_config=attack_config)
 ```
 
-## 🔍 ADK-Specific Security Concerns
+## ADK-Specific Security Concerns
 
 ### Tool Hijacking
 
@@ -180,7 +180,7 @@ multi_turn_goals = [
 ]
 ```
 
-## 🛠️ Advanced Configuration
+## Advanced Configuration
 
 ### Custom ADK Adapter Settings
 
@@ -217,7 +217,7 @@ The SDK automatically handles ADK sessions:
 3. **Request Routing**: Routes requests to proper session endpoints
 4. **Session Cleanup**: Handles session termination
 
-## 🔒 Security Best Practices
+## Security Best Practices
 
 ### ADK Agent Hardening
 
@@ -235,7 +235,7 @@ The SDK automatically handles ADK sessions:
 4. **Regular Assessment**: Run security tests regularly
 5. **Responsible Disclosure**: Report vulnerabilities responsibly
 
-## 🐛 Troubleshooting
+## Troubleshooting
 
 ### Common Issues
 
@@ -291,7 +291,7 @@ agent = HackAgent(
 )
 ```
 
-## 📊 Results and Reporting
+## Results and Reporting
 
 ### Viewing Results
 
@@ -323,7 +323,7 @@ attack_config = {
 2. **[Attack Tutorial](../getting-started/attack-tutorial.md)** - Getting started with attacks
 3. **[Security Guidelines](../security/responsible-disclosure.md)** - Responsible disclosure practices
 
-## 📞 Support
+## Support
 
 - **ADK Documentation**: [Google ADK Docs](https://google.github.io/adk-docs/)
 - **HackAgent Issues**: [GitHub Issues](https://github.com/AISecurityLab/hackagent/issues)

docs/docs/agents/index.md

@@ -91,7 +91,7 @@ agent.hack(attack_config=attack_config)
   </TabItem>
 </Tabs>
 
-👉 [Full Ollama Documentation](/agents/ollama)
+[Full Ollama Documentation](/agents/ollama)
 
   </TabItem>
   <TabItem value="openai" label={<span><img src="https://openai.com/favicon.ico" alt="OpenAI" style={{height: '24px', marginRight: '8px', verticalAlign: 'middle'}} />OpenAI SDK</span>}>
@@ -168,7 +168,7 @@ agent.hack(attack_config=attack_config)
   </TabItem>
 </Tabs>
 
-👉 [Full OpenAI SDK Documentation](/agents/openai-sdk)
+[Full OpenAI SDK Documentation](/agents/openai-sdk)
 
   </TabItem>
   <TabItem value="google-adk" label={<span><img src="https://google.github.io/adk-docs/assets/agent-development-kit.png" alt="Google ADK" style={{height: '24px', marginRight: '8px', verticalAlign: 'middle'}} />Google ADK</span>}>
@@ -249,7 +249,7 @@ agent.hack(attack_config=attack_config)
   </TabItem>
 </Tabs>
 
-👉 [Full Google ADK Documentation](/agents/google-adk)
+[Full Google ADK Documentation](/agents/google-adk)
 
   </TabItem>
 </Tabs>

docs/docs/agents/ollama.md

@@ -9,7 +9,7 @@ import ThemedImage from '@theme/ThemedImage';
 
 Ollama is a lightweight framework for running large language models locally. HackAgent provides native support for testing agents running on Ollama, allowing you to assess the security of self-hosted LLMs.
 
-## 🔧 Setup
+## Setup
 
 ### Prerequisites
 
@@ -39,7 +39,7 @@ Ollama is a lightweight framework for running large language models locally. Hac
    # Should return JSON with your installed models
    ```
 
-## 🚀 Basic Usage
+## Basic Usage
 
 ### Initialize HackAgent Client
 
@@ -63,7 +63,7 @@ The adapter supports all Ollama features:
 - **Chat & Generate APIs**: Both `/api/chat` and `/api/generate` endpoints
 - **Model Discovery**: Automatic listing of available models
 
-## ⚔️ Running Security Tests
+## Running Security Tests
 
 ### Basic AdvPrefix Attack
 
@@ -158,7 +158,7 @@ attack_config = {
 }
 ```
 
-## 🔍 Available Models
+## Available Models
 
 To see which models you have installed:
 
@@ -172,7 +172,7 @@ Popular models for security testing:
 - `codellama` - Code-focused Llama variant
 - `llama2-uncensored` - Uncensored Llama 2 (useful for attack generation)
 
-## 🛠️ Troubleshooting
+## Troubleshooting
 
 ### Connection Refused
 
@@ -222,7 +222,7 @@ agent = HackAgent(
 )
 ```
 
-## 📚 Further Reading
+## Further Reading
 
 - [Ollama Documentation](https://ollama.ai)
 - [Ollama Model Library](https://ollama.ai/library)

docs/docs/agents/openai-sdk.md

@@ -7,7 +7,7 @@ slug: /agents/openai-sdk
 
 OpenAI SDK is the official Python library for interacting with OpenAI's API, including GPT-4, GPT-3.5, and other models. HackAgent provides native support for testing agents built with the OpenAI SDK, including those using function calling and tool use.
 
-## 🔧 Setup
+## Setup
 
 ### Prerequisites
 
@@ -38,7 +38,7 @@ OpenAI SDK is the official Python library for interacting with OpenAI's API, inc
    export OPENAI_API_BASE="https://your-resource.openai.azure.com"
    ```
 
-## 🚀 Basic Integration
+## Basic Integration
 
 ### Initialize HackAgent Client
 
@@ -65,7 +65,7 @@ The adapter supports all OpenAI SDK features:
 - **Custom Endpoints**: Azure OpenAI, local models, etc.
 - **Message History**: Multi-turn conversation testing
 
-## ⚔️ Running Security Tests
+## Running Security Tests
 
 ### Basic AdvPrefix Attack
 
@@ -128,7 +128,7 @@ for agent_name in agents:
     print(f"Results for {agent_name}: {results}")
 ```
 
-## 🌐 Azure OpenAI Integration
+## Azure OpenAI Integration
 
 HackAgent supports Azure OpenAI Service out of the box:
 
@@ -142,7 +142,7 @@ agent = HackAgent(
 
 **Note:** Make sure your `AZURE_OPENAI_API_KEY` environment variable is set. The adapter will use your Azure endpoint configuration.
 
-## 📊 Understanding Results
+## Understanding Results
 
 After running tests, check your HackAgent dashboard for:
 
@@ -151,7 +151,7 @@ After running tests, check your HackAgent dashboard for:
 3. **Token Usage**: API cost analysis
 4. **Response Patterns**: Common vulnerabilities across models
 
-## 🛡️ Best Practices
+## Best Practices
 
 ### Rate Limiting
 ```python
@@ -184,7 +184,7 @@ export OPENAI_API_KEY_TEST="sk-test-..."
 export OPENAI_API_KEY_PROD="sk-prod-..."
 ```
 
-## 🐛 Troubleshooting
+## Troubleshooting
 
 ### "OpenAI SDK is not installed"
 ```bash
@@ -215,14 +215,14 @@ except Exception as e:
     # Check dashboard for partial results
 ```
 
-## 📚 Additional Resources
+## Additional Resources
 
 - [OpenAI API Documentation](https://platform.openai.com/docs)
 - [OpenAI SDK GitHub](https://github.com/openai/openai-python)
 - [HackAgent Attack Tutorial](../getting-started/attack-tutorial.md)
 - [Function Calling Guide](https://platform.openai.com/docs/guides/function-calling)
 
-## 🔄 Next Steps
+## Next Steps
 
 1. Review results on your [HackAgent Dashboard](https://app.hackagent.dev)
 2. Try different models and configurations

docs/docs/api-index.md

@@ -17,7 +17,7 @@ This section provides detailed documentation for all classes, methods, and funct
 
 This documentation covers the **Python SDK API** - the classes and methods you use when writing Python code with HackAgent. If you're looking for information about raw HTTP endpoints, those are accessed through the SDK and not documented separately at this time.
 
-For practical usage examples and getting started guides, see the [Attack Tutorial](./getting-started/attack-tutorial.md).
+For practical usage examples and getting started guides, see the [Python SDK Quickstart](./sdk/python-quickstart.md).
 
 ---