-
Notifications
You must be signed in to change notification settings - Fork 281
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FEAT Add cross-domain prompt injection orchestrator #127
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great to see XPIA coming together, Roman!
Let's assume the XPIA attack will cause an action to be taken, like sending an email. The success of the XPIA would be determined by a scorer, which would need to connect to an email inbox to see whether the action was taken. Is that what you are thinking?
…tments + jupytext rerun
…nto romanlutz/xpia
Description
Adding an orchestrator for a simple XPIA scenario:
In a "real" XPIA scenario we need a processing target that has the plugin/skill to retrieve content by itself.
In the future, we will support more mediums & locations (such as files on Azure storage, e.g., emails or PDFs).
Tests and Documentation
Tests included for the orchestrator.