frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: DeepTeam – Penetration Testing for LLMs

https://github.com/confident-ai/deepteam
3•jeffreyip•1y ago
Hi HN, we’re Jeffrey and Kritin, and we’re building DeepTeam (https://trydeepteam.com), an open-source Python library to scan LLM apps for security vulnerabilities. You can start “penetration testing” by defining a Python callback to your LLM app (e.g. `def model_callback(input: str)`), and DeepTeam will attempt to probe it with prompts designed to elicit unsafe or unintended behavior.

Note that the penetration testing process treats your LLM app as a black-box - which means that DeepTeam will not know whether PII leakage has occurred in a certain tool call or incorporated in the training data of your fine-tuned LLM, but rather just detect that it is present. Internally, we call this process “end-to-end” testing.

Before DeepTeam, we worked on DeepEval, an open-source framework to unit-test LLMs. Some of you might be thinking, well isn’t this kind of similar to unit-testing?

Sort of, but not really. While LLM unit-testing focuses on 1) accurate eval metrics, 2) comprehensive eval datasets, penetration testing focuses on the haphazard simulation of attacks, and the orchestration of it. To users, this was a big and confusing paradigm shift, because it went from “Did this pass?” to “How can this break?”.

So we thought to ourselves, why not just release a new package to orchestrate the simulation of adversarial attacks for this new set of users and teams working specifically on AI safety, and borrow DeepEval’s evals and ecosystem in the process?

Quickstart here: https://www.trydeepteam.com/docs/getting-started#detect-your...

The first thing we did was offer as many attack methods as possible - simple encoding ones like ROT13, leetspeak, to prompt injections, roleplay, and jailbreaking. We then heard folks weren’t happy because the attacks didn’t persist across tests and hence they “lost” their progress every time they tested, and so we added an option to `reuse_simulated_attacks`.

We abstracted everything away to make it as modular as possible - every vulnerability, attack, can be imported in Python as `Bias(type=[“race”])`, `LinearJailbreaking()`, etc. with methods such as `.enhance()` for teams to plug-and-play, build their own test suite, and even to add a few more rounds of attack enhancements to increase the likelihood of breaking your system.

Notably, there are a few limitations. Users might run into compliance errors when attempting to simulate attacks (especially for AzureOpenAI), and so we recommend setting `ignore_errors` to `True` in case that happens. You might also run into bottlenecks where DeepTeam does not cover your custom vulnerability type, and so we shipped a `CustomVulnerability` class as a “catch-all” solution (still in beta).

You might be aware that some packages already exist that do a similar thing, often known as “vulnerability scanning” or “red teaming”. The difference is that DeepTeam is modular, lightweight, and code friendly. Take Nvidia Garak for example, although comprehensive, has so many CLI rules, environments to set up, it is definitely not the easiest to get started, let alone pick the library apart to build your own penetration testing pipeline. In DeepTeam, define a class, wrap it around your own implementations if necessary, and you’re good to go.

We adopted a Apache 2.0 license (for now, and probably in the foreseeable future too), so if you want to get started, `pip install deepteam`, use any LLM for simulation, and you’ll get a full penetration report within 1 minute (assuming you’re running things asynchronously). GitHub: https://github.com/confident-ai/deepteam

Excited to share DeepTeam with everyone here – let us know what you think!

Qualcomm acquires Nexa AI, open-sources GenAI runtime for Hexagon NPUs

https://github.com/qualcomm/GenieX
1•BUFU•2m ago•1 comments

Chorus: A fast WAL for object storage

https://rockwotj.com/blog/chorus/
1•cbrewster•6m ago•0 comments

Google Earth Pro Desktop downloads will be unavailable starting June 2027

https://support.google.com/earth/thread/448773864/update-on-google-earth-pro-desktop-app-download...
3•KomoD•7m ago•0 comments

EU AI Act becomes applicable Aug 2: an engineering checklist

https://conformityengineering.com/playbook/
1•stevalsoto•7m ago•0 comments

Agent-CI: Run GitHub Actions on Your Machine

https://agent-ci.dev/
1•handfuloflight•8m ago•0 comments

Why I don't have a girlfriend: An application of the Drake Equation to love [pdf]

https://www.astro.sunysb.edu/fwalter/AST248/why_i_dont_have_a_girlfriend.pdf
1•kerim-ca•9m ago•0 comments

Graphene can hold multiple states of superconductivity, a new study finds

https://news.mit.edu/2026/graphene-can-hold-multiple-states-of-superconductivity-0629
3•rbanffy•10m ago•0 comments

Don't build your castle in other people's kingdoms (2021)

https://howtomarketagame.com/2021/11/01/dont-build-your-castle-in-other-peoples-kingdoms/
1•softwaredoug•10m ago•0 comments

Airbus to make first foray into engine manufacturing with hydrogen tie-up

https://www.ft.com/content/e8be97c7-af28-42f2-8d81-ce619d4c0de1
1•petethomas•10m ago•1 comments

Own Your Weights

https://moai.studio/blog/posts/own-your-weights.html
1•ionwake•14m ago•0 comments

The Science Behind Why Soccer Players the 26 World Cup Are Cutting Their Socks

https://www.wired.com/story/the-science-behind-why-soccer-players-at-the-2026-world-cup-are-cutti...
3•susiecambria•14m ago•1 comments

Show HN: Convergo – plan/build review loops for coding agents

https://github.com/gomilesf/convergo
1•gomilesfd•15m ago•0 comments

Vought V-173

https://en.wikipedia.org/wiki/Vought_V-173
1•LorenDB•16m ago•0 comments

A teen social media ban is an admission of utter failure to govern online spaces

https://www.jamesrball.com/p/a-teen-social-media-ban-is-an-admission
3•cdrnsf•18m ago•1 comments

Show HN: I built an AI spritesheet generator for game developers

https://www.autosprite.io
1•autosprite•20m ago•0 comments

Desk-Pet – a local-first desktop pet powered by MiniCPM5

https://github.com/OpenBMB/MiniCPM-Desk-Pet
1•modinfo•21m ago•0 comments

Roast My New Creation

https://itsrilo.com
1•GeorgeChaplin•21m ago•1 comments

Torpenhow Hill

https://en.wikipedia.org/wiki/Torpenhow_Hill
1•nmstoker•21m ago•0 comments

Redis Patterns for Coding Agents

https://redis.antirez.com/
2•Jimmc414•22m ago•0 comments

GAO: DOE Is Prematurely Excluding Less Expensive Options for Nuclear Cleanup

https://www.gao.gov/products/gao-26-108193
3•Jimmc414•23m ago•0 comments

InfoWars: Emergency with Tim Heidecker [video]

https://www.youtube.com/watch?v=RX8-VGDK1vQ
4•embedding-shape•25m ago•0 comments

AI Giants Are Handing Out Tons of Free Computing Power to Grab Startup Share

https://www.wsj.com/tech/ai/ai-giants-are-handing-out-tons-of-free-computing-power-to-grab-startu...
2•Jimmc414•27m ago•0 comments

Activity-frames – give your AI agent eyes on your day

https://github.com/nossa-y/activity-frames
1•nossa-y•28m ago•0 comments

Closing the Verification Loop

https://thinkroom.kieranklaassen.com/d/njrS5TJhis
1•gmays•30m ago•0 comments

Microsoft 365 Copilot adoption is under 4.5%, only 1% use it weekly

https://www.windowslatest.com/2026/07/07/microsoft-365-copilot-adoption-is-under-4-5-after-3-year...
6•pier25•35m ago•6 comments

Implementing Standard.site on a Nonstandard Site

https://www.coryd.dev/posts/2026/implementing-standardsite-on-a-nonstandard-site
1•cdrnsf•40m ago•0 comments

JPMorgan, BofA and Others Explore Buying Card Network to Raise Debit-Card Fees

https://www.wsj.com/finance/banking/jpmorgan-bank-of-america-and-other-banks-explore-a-deal-to-sh...
10•JumpCrisscross•42m ago•4 comments

AI tool got me 12,000 new clicks from Google

https://twitter.com/fba/status/2074541708218351872
1•fba0•44m ago•2 comments

SpaceX Shares Stumble in Nasdaq-100 Debut

https://www.wsj.com/finance/stocks/spacex-shares-stumble-in-nasdaq-100-debut-9ec10565
9•JumpCrisscross•46m ago•2 comments

More Americans Are Moving Away from Flood Risk Than Toward It

https://www.bloomberg.com/news/articles/2026-06-24/flood-prone-us-counties-lose-residents-as-risk...
4•petethomas•48m ago•1 comments