FEAT: Adding Master Key Jailbreak

[SafwanA02]

Description

Opening this after accidently closing #235 due to git errors.

• implemented batching to improve efficiency in "send_master_key_with_prompts_async" function in master_key_orchestrator
• added "print_conversation" function to master_key_orchestrator
• addressed comments from previous PR

Tests and Documentation

• added test to make sure that conversation id's are the same in corresponding prompts

[SafwanA02]

10. ie

@microsoft-github-policy-service agree company="Microsoft"

[dlmgary]

This will probably work most of the time, but I wonder if we might need some error handling in case things don't go as planned. Have we seen any issues during testing that we might want to handle here?

[SafwanA02]

I havn't run into any issues with this part of the code yet, but I'll keep an eye out for it.

[romanlutz]

Targets handle retries if that's what you mean @dlmgary

[dlmgary]

The PromptNormalizer handles all of this and does the asyncio.gather() for you. Is there a a reason why we're not using that?

[romanlutz]

It doesn't support multi-turn conversations at this point. It may be possible to extend it by plumbing through the conversation ID but there will be more work on this orchestrator anyway and I don't want to hold it up further.

[SafwanA02]

The prompt normalizer just sends the prompts directly using the send_prompt_async function, but here I'm using the send_master_key_prompt_async function instead becuase I need it to the master key prompt first, and then follow it up with the attack prompt.

[dlmgary]

• Add type hints.
• Is there a specific reason why we're using generators here? I'm a fan but it seems a bit of an anti-pattern here.
• This function might not be needed at all, consider removing it.

[romanlutz]

This is copied from prompt normalizer batching code. I suppose it makes it a tad cleaner than having this indexing logic mixed in with the rest of the code. I don't really care either way tbh.