feat(p2-roadmap): community attack registry v1.5.0 #7

Merged
wesleyscholl merged 1 commit into main from claude/konjo-toki-xPy83 on Jun 14, 2026

Conversation

@konjoinfinity

Contributor

Summary

  • toki.community — CommunityRegistry + CommunityAttack dataclass. 25 curated attacks across all six categories (jailbreak / injection / edge_case / boundary / indirect / agentic), each tagged with OWASP LLM Top 10 2025, severity, technique tags, and provenance. Bundled as python/toki/data/community_registry.json with SHA-256 integrity verification on load.
  • CommunityRegistry.filter(category, tag, severity) — AND-logic query; stats() summary; get_registry() module-level cache (reload-able).
  • load_remote(url, expected_sha256) — optional pinned-SHA-256 remote pull via stdlib urllib; raises ValueError on mismatch.
  • CLI — python -m toki attack-community [--category] [--tag] [--severity] [--json]
  • Server — GET /api/attacks/community (no filters) and POST /api/attacks/community (body filters: category, tag, severity)
  • Closes the entire P2 backlog — all P2 items from the Phase 11 research sprint are now shipped.

Test plan

  • python -m pytest python/tests/ -x -q → 547/547 passing (27 new)
  • cargo test && cargo clippy -- -D warnings → clean
  • python -m toki attack-community → prints 25 attacks with severity/category columns
  • python -m toki attack-community --category agentic --json → 4-item JSON array, all category=="agentic"
  • python -m toki attack-community --severity critical --json → all items have severity=="critical"
  • get_registry() returns same object on repeated calls (cache hit)
  • load_remote(url, expected_sha256="wrong") raises ValueError
  • SHA-256 of bundled manifest attacks array matches registry.sha256

P2 backlog status

| Item | Status |
| --- | --- |
| Coverage map + blind spot dashboard | ✅ v1.1.0 |
| Safety regression CI gate | ✅ v1.1.0 |
| Evaluator consistency scoring | ✅ v1.1.0 |
| Multilingual + encoding attack battery | ✅ v1.1.0 |
| Indirect prompt injection simulator | ✅ v1.3.0 |
| Agentic + MCP attack battery | ✅ v1.3.0 |
| Structured remediation reports | ✅ v1.4.0 |
| Custom attack library | ✅ v1.4.0 |
| Community attack registry | ✅ v1.5.0 (this PR) |

https://claude.ai/code/session_01XCHiLCiVeL6WXQdsAcQTbx
Generated by Claude Code

Phase 15 — closes the P2 backlog.

toki.community: CommunityRegistry + CommunityAttack dataclass. 25 curated
attacks across jailbreak/injection/edge_case/boundary/indirect/agentic, each
with OWASP LLM Top 10 2025 tag, severity, provenance, and technique tags.
Bundled as python/toki/data/community_registry.json (SHA-256 verified on
load). filter(category, tag, severity) with AND logic. stats() summary.
get_registry() module-level cache. load_remote(url, expected_sha256) for
pinned-SHA-256 remote pull via stdlib urllib.

CLI: python -m toki attack-community [--category] [--tag] [--severity] [--json]
Server: GET/POST /api/attacks/community with filter support

27 new tests (test_community.py: 23, test_main.py: 4).
520 → 547 passing. Zero failures.

https://claude.ai/code/session_01XCHiLCiVeL6WXQdsAcQTbx
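The verify-on-load and AND-filter behaviour the PR describes, sketched as an added example that is not toki's own code: the manifest layout (a top-level `sha256` field beside an `attacks` array), the canonical-JSON hashing rule, and the three sample entries are assumptions constructed for the illustration.

```python
# Hypothetical illustration of the verify-on-load + AND-filter pattern the PR
# describes. Not toki's code: manifest layout, the canonical-JSON hashing rule
# and the sample attacks are assumptions constructed for this example.
import hashlib
import json

def attacks_digest(attacks):
    # Hash the attacks array in canonical JSON (sorted keys, compact separators)
    # so the digest does not depend on file whitespace or key order.
    canonical = json.dumps(attacks, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()

def load_manifest(raw, expected_sha256=None):
    # Raise ValueError unless the attacks array hashes to the pinned value:
    # a caller-supplied pin (remote pull) or, failing that, the manifest's own field.
    manifest = json.loads(raw)
    pinned = expected_sha256 or manifest["sha256"]
    actual = attacks_digest(manifest["attacks"])
    if actual != pinned:
        raise ValueError(f"registry integrity check failed: {actual} != {pinned}")
    return manifest["attacks"]

def integrity_ok(raw, expected_sha256=None):
    # Boolean wrapper so the mismatch path can be exercised without try/except.
    try:
        load_manifest(raw, expected_sha256)
        return True
    except ValueError:
        return False

def filter_attacks(attacks, category=None, tag=None, severity=None):
    # AND logic: an attack is kept only if every supplied filter matches.
    return [a for a in attacks
            if (category is None or a["category"] == category)
            and (tag is None or tag in a["tags"])
            and (severity is None or a["severity"] == severity)]

# Constructed sample manifest: three placeholder entries, digest computed at build time.
SAMPLE_ATTACKS = [
    {"id": "ex-001", "category": "agentic", "severity": "critical", "tags": ["tool-use"]},
    {"id": "ex-002", "category": "injection", "severity": "high", "tags": ["indirect"]},
    {"id": "ex-003", "category": "agentic", "severity": "medium", "tags": ["mcp"]},
]
SAMPLE_MANIFEST = json.dumps(
    {"sha256": attacks_digest(SAMPLE_ATTACKS), "attacks": SAMPLE_ATTACKS}).encode()
# A one-field edit to the payload must fail verification against the original pin.
TAMPERED_MANIFEST = SAMPLE_MANIFEST.replace(b'"critical"', b'"low"')
```

Note that the manifest's own `sha256` field only detects accidental corruption; for a remote pull the pin has to come from the caller, as `load_remote(url, expected_sha256)` does, or an attacker who can alter the file can simply rewrite the field too.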
@wesleyscholl wesleyscholl marked this pull request as ready for review June 14, 2026 03:39
@wesleyscholl wesleyscholl merged commit f31e354 into main Jun 14, 2026
7 checks passed
@wesleyscholl wesleyscholl deleted the claude/konjo-toki-xPy83 branch June 14, 2026 03:39