mindgard test by default runs a range of the most appropriate attack techniques for the AI system you are testing.

However, if you only wish to run a subset of attacks, you can do so by either excluding the attacks that are not required or including only the attacks that are required. It’s also possible to exclude or include a category of attacks.

List of attacks

The following is a list of available attacks with their associated categories.

CategoryAttack nameDefault Included
jail_breakingDevModeV2
jail_breakingPERSONGPT
jail_breakingEvilConfidant
jail_breakingAntiGPT
jail_breakingAsciiArtAttack
jail_breakingskeleton_key
jail_breakingcrescendo
jail_breakingHouYi
violationPromptAlignment
violationmalgen
prompt_injectionTag
prompt_injectionBase64
prompt_injectionBase64_DecodeAndAnswer
prompt_injectionBraille
prompt_injectionBraille_DecodeAndAnswer
prompt_injectionBase32
prompt_injectionBase32_DecodeAndAnswer
prompt_injectionBase16
prompt_injectionBase16_DecodeAndAnswer
prompt_injectionAscii85
prompt_injectionAscii85_DecodeAndAnswer
prompt_injectionEcojiEmoji
prompt_injectionEcojiEmoji_DecodeAndAnswer
prompt_injectionMorseCode
prompt_injectionMorseCode_DecodeAndAnswer
prompt_injectionNatoPhoneticAlphabet
prompt_injectionNatoPhoneticAlphabet_DecodeAndAnswer
prompt_injectionHomoglyph
prompt_injectionHomoglyph_DecodeAndAnswer
prompt_injectionDiacritics
prompt_injectionDiacritics_DecodeAndAnswer
prompt_injectionRot13
prompt_injectionRot13_DecodeAndAnswer
prompt_injectionHexadecimal
prompt_injectionHexadecimal_DecodeAndAnswer
prompt_injectionCaeserCipher
prompt_injectionCaeserCipher_DecodeAndAnswer
prompt_injectionCursed
prompt_injectionCursed_DecodeAndAnswer
prompt_injectionPigLatin
prompt_injectionPigLatin_DecodeAndAnswer
prompt_injectionZeroWidthSpace
prompt_injectionZeroWidthSpace_DecodeAndAnswer
output_handlingAnsi_Raw
output_handlingAnsi_Escaped
meta_prompt_extractionDynamicTest

Excluding attacks by name

mindgard test --exclude 'AntiGPT' --exclude 'PersonGPT'

The above command will not run the AntiGPT and PersonGPT attacks and will run the rest of the attacks.

Excluding categories

mindgard test --exclude 'jail_breaking'

The above command will exclude all attacks that are associated with the jail_breaking category.

Including attacks

The --include option can be used to only run a specific set of attacks.

mindgard test --include 'Base32' --include 'Rot13'

The above command will only run the Base32 and Rot13 attacks and will exclude all other attacks.

The same could be done to include a set of attacks associated to one or more categories

mindgard test --include 'output_handling' --include 'prompt_injection'

The above command will only run the attacks associated with output_handling and prompt_injection categories.