Skip to content

feat: add ASI-03 and ASI-05 challenge library expansion#521

Open
ashike24 wants to merge 6 commits into
GenAI-Security-Project:mainfrom
ashike24:main
Open

feat: add ASI-03 and ASI-05 challenge library expansion#521
ashike24 wants to merge 6 commits into
GenAI-Security-Project:mainfrom
ashike24:main

Conversation

@ashike24
Copy link
Copy Markdown

@ashike24 ashike24 commented May 31, 2026
edited
Loading

Challenge Library Expansion

Adds 6 new CTF challenges covering ASI-03 (Identity and Impersonation)
and ASI-05 (Indirect Prompt Injection).

ASI-03 Challenges (3)

  • Ghost in the Machine — vendor impersonates orchestrator via profile fields
  • Puppet Master — cross-agent trust abuse via poisoned invoice summary
  • Silver Tongue — role hijack via multi-turn conversation context manipulation

ASI-05 Challenges (3)

  • Trojan Invoice — indirect injection via poisoned FinDrive document
  • Poisoned Inbox — indirect injection via malicious FinMail email
  • Tool Output Hijack — indirect injection via crafted TaxCalc tool output

Each challenge includes

  • YAML definition with hints, labels, difficulty, and points
  • Working detector Python class registered in the detector registry
  • LLM judge prompt with HIGH/MEDIUM/LOW scoring rubric

@ashike24 ashike24 changed the title feat: add ASI-03 and ASI-05 challenge library expansion (GSoC 2026 Week 1-2) feat: add ASI-03 and ASI-05 challenge library expansion Jun 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ashike24