# 🎯 PromptStrike CLI
**Developer-first automated LLM red-team platform**
> **🚀 Status:** ✅ Sprint S-1 Complete (July 2025) - Production Ready
> **📋 Reference:** [Product One-Pager](00-Product-OnePager.md) | [12M Roadmap](01-12M-Roadmap.md) | [Changelog](CHANGELOG-v0.1.0-alpha.md)
## Problem We Solve
Large-language-model (LLM) apps ship to production with **invisible jailbreak, data-leak and cost-explosion risks**. Regulators now mandate continuous red-teaming (EU AI Act Art.55, US EO 14110).
**PromptStrike** provides automated OWASP LLM Top 10 testing that:
- ✅ Runs locally (keys stay on-prem)
- ✅ Generates audit-ready evidence (NIST AI-RMF mapping)
- ✅ Ships as Docker CLI (5-minute setup)
- ✅ Tracks coverage and compliance gaps
## Quick Start
### 🐳 Docker (Recommended)
```bash
# Pull and run latest version
docker run --rm \
  -e OPENAI_API_KEY=$OPENAI_API_KEY \
  -v $(pwd)/reports:/app/reports \
  promptstrike/cli:latest scan gpt-4

# Or build locally
git clone https://github.com/siwenwang0803/PromptStrike.git
cd PromptStrike
docker build -t promptstrike/cli .
docker run --rm \
  -e OPENAI_API_KEY=$OPENAI_API_KEY \
  -v $(pwd)/reports:/app/reports \
  promptstrike/cli scan gpt-4 --format pdf
```
### 📦 Poetry (Development)
```bash
git clone https://github.com/siwenwang0803/PromptStrike.git
cd PromptStrike
poetry install
poetry run promptstrike scan gpt-4 --dry-run
```
### 🔧 PyPI (Future - Sprint S-4)
```bash
pip install promptstrike
promptstrike scan gpt-4
```
## Core Features
### 🎯 **Automated LLM Red-Team Testing**
- **OWASP LLM Top 10** complete coverage (47 attack patterns)
- **Prompt injection**, data leakage, cost exploitation detection
- **Confidence scoring** and risk assessment (CVSS-like 0-10 scale)
- **Real-time progress** with rich CLI interface
### 📊 **Comprehensive Reporting**
- **JSON** structured reports for CI/CD integration
- **PDF** executive summaries for compliance teams
- **HTML** interactive dashboards for security teams
- **CSV** exports for spreadsheet analysis
### 🏛️ **Compliance & Audit Ready**
- **NIST AI-RMF** control mapping (GV, MP, MS, MG categories)
- **EU AI Act** article references (Art.15, 16, 52, 55)
- **SOC 2** impact analysis (CC6.1, CC6.7, CC7.2, CC8.1)
- **Cryptographic audit trails** with evidence preservation
### 🚀 **Production Ready**
- **Docker containerized** for consistent deployment
- **Rate limiting** and timeout controls
- **Parallel execution** for faster scans
- **Error handling** and graceful degradation
## Command Reference
### Basic Usage
```bash
# Quick vulnerability scan
promptstrike scan gpt-4

# Comprehensive scan with PDF report
promptstrike scan https://api.openai.com/v1/chat/completions \
  --format pdf --output ./security-audit

# Preview attacks without execution
promptstrike scan local-model --dry-run

# List available attack packs
promptstrike list-attacks

# Health check
promptstrike doctor
```
### Advanced Usage
```bash
# Custom configuration file
promptstrike scan gpt-4 --config ./config.yaml --verbose
# Limited test run for CI/CD
promptstrike scan $MODEL --max-requests 20 --timeout 10
# Multiple output formats
promptstrike scan gpt-4 --format all --output ./reports
```
## Attack Packs
### 🔴 **OWASP LLM Top 10** (Default)
| Category | Attacks | Severity | Description |
|----------|---------|----------|-------------|
| **LLM01** - Prompt Injection | 12 | Critical | Direct/indirect prompt manipulation |
| **LLM02** - Insecure Output | 6 | High | XSS, code injection via outputs |
| **LLM03** - Training Data Poisoning | 4 | Medium | Backdoor and bias injection |
| **LLM04** - Model DoS | 8 | High | Resource exhaustion attacks |
| **LLM05** - Supply Chain | 3 | Medium | Third-party model vulnerabilities |
| **LLM06** - Sensitive Info Disclosure | 7 | Critical | PII and secret extraction |
| **LLM07** - Insecure Plugin Design | 5 | High | Plugin-specific vulnerabilities |
| **LLM08** - Excessive Agency | 4 | Medium | Overprivileged model actions |
| **LLM09** - Overreliance | 3 | Low | Human oversight failures |
| **LLM10** - Model Theft | 2 | Medium | IP extraction attempts |
### 🔮 **Coming Soon** (Roadmap)
- **PromptStrike FinOps** - Cost explosion & billing anomaly detection (Sprint S-9)
- **PromptStrike Privacy** - GDPR/CCPA compliance validation (Sprint S-10)
- **PromptStrike Bias** - Fairness and discrimination testing (Sprint S-11)
## Report Format
### JSON Schema (API Integration)
```json
{
  "scan_id": "ps-20250703-140502-abc123",
  "target": "gpt-4",
  "overall_risk_score": 6.7,
  "security_posture": "fair",
  "vulnerabilities_found": 3,
  "results": [
    {
      "attack_id": "LLM01-001",
      "category": "prompt_injection",
      "severity": "critical",
      "is_vulnerable": false,
      "confidence_score": 0.95,
      "risk_score": 2.1,
      "nist_controls": ["GV-1.1", "MP-2.3"],
      "eu_ai_act_refs": ["Art.15"]
    }
  ],
  "compliance": {
    "nist_rmf_controls_tested": ["GV-1.1", "MP-2.3"],
    "eu_ai_act_risk_category": "high",
    "soc2_controls_impact": ["CC6.1", "CC6.7"]
  }
}
```
### PDF Executive Summary
1. **Risk Overview** - Security posture, vulnerability count by severity
2. **Technical Findings** - Detailed attack results with evidence
3. **Compliance Assessment** - NIST AI-RMF, EU AI Act, SOC 2 mapping
4. **Remediation Plan** - Prioritized recommendations and controls
## Configuration
Create `promptstrike.yaml` for custom settings:
```yaml
target:
  endpoint: "https://api.openai.com/v1/chat/completions"
  model: "gpt-4"
  api_key_env: "OPENAI_API_KEY"   # name of the env var holding the key, never the key itself

scan:
  max_requests: 100
  timeout: 30
  parallel_workers: 3
  rate_limit_rps: 5

attack_packs:
  default: "owasp-llm-top10"
  enabled: ["owasp-llm-top10"]

output:
  directory: "./reports"
  formats: ["json", "pdf"]
  retention_days: 30

compliance:
  nist_rmf_enabled: true
  eu_ai_act_enabled: true
  soc2_enabled: false
```
## 🎯 Sprint S-1 Completion
**Production-Ready Release (July 2025)**
### ✅ Delivered Features
- **Complete OWASP LLM Top 10**: 47 attacks across 10 categories
- **Multi-Format Reports**: JSON, HTML, PDF with compliance mapping
- **Docker Deployment**: Production-ready containerized CLI
- **CLI Interface**: 5 commands with Rich terminal UI
- **Compliance Ready**: NIST AI-RMF, EU AI Act, SOC 2 integration
- **Local Execution**: Zero data exfiltration, keys stay on-premises
- **CI/CD Integration**: GitHub Actions, Jenkins pipeline support
### 📊 Technical Metrics
- **47 Attack Patterns**: Complete coverage of OWASP LLM Top 10
- **5 CLI Commands**: scan, list-attacks, doctor, version, config
- **3 Report Formats**: JSON (API), HTML (web), PDF (executive)
- **100% Local**: All operations run locally, no cloud dependencies
- **Docker Ready**: Multi-stage build with security best practices
### 🚀 Next: Pilot-0 / Sprint S-2
- **Kubernetes Sidecar**: Deployment to K8s clusters
- **Python SDK**: Programmatic access and integration
- **Real-time Dashboard**: Live monitoring and alerting
- **Custom Attack Packs**: User-defined vulnerability tests
- **Advanced Compliance**: Detailed gap analysis and remediation
### 🎯 Business Goals
- **500 Downloads**: PyPI package adoption milestone
- **5 GitHub Issues**: Community engagement and feedback
- **Design Partners**: Enterprise pilot customer onboarding
---
## CI/CD Integration
### GitHub Actions
```yaml
- name: PromptStrike Security Scan
  run: |
    # GitHub's default shell for `run` is `bash -e`, which would abort the step on
    # any non-zero exit before the check below runs, so capture the code instead.
    rc=0
    docker run --rm \
      -e OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }} \
      -v ${{ github.workspace }}/reports:/app/reports \
      promptstrike/cli:latest scan ${{ env.MODEL }} \
      --format json --max-requests 50 || rc=$?

    # Fail build if critical vulnerabilities found (exit code 3)
    if [ "$rc" -eq 3 ]; then
      echo "Critical vulnerabilities detected - blocking deployment"
      exit 1
    elif [ "$rc" -ne 0 ]; then
      echo "Scan did not complete (exit code $rc)"
      exit "$rc"
    fi
```
### Jenkins Pipeline
```groovy
stage('LLM Security Scan') {
    steps {
        script {
            // returnStatus: true hands back the exit code instead of failing the step
            def result = sh(
                script: """
                    docker run --rm \\
                      -e OPENAI_API_KEY=\$OPENAI_API_KEY \\
                      -v \$PWD/reports:/app/reports \\
                      promptstrike/cli:latest scan \$MODEL
                """,
                returnStatus: true
            )
            if (result == 3) {
                error("Critical LLM vulnerabilities found")
            }
        }
    }
}
```
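Both CI snippets above key off the scanner's exit code, and the JSON schema in the Report Format section is what a pipeline would inspect to explain a blocked build. As an added example (not PromptStrike's own code), here is a small Python gate that reads a report in that schema and derives the exit code the snippets test for; the function names, the confidence floor, exit code 2 for a malformed report and the extra sample results are this example's assumptions.

```python
import json
import sys
from collections import Counter
from typing import Any, Optional

EXIT_CLEAN = 0
EXIT_BAD_REPORT = 2   # assumed here: unreadable or malformed report
EXIT_CRITICAL = 3     # the exit code the README's CI snippets test for
SEVERITIES = ("critical", "high", "medium", "low")
# Assumed policy: a finding counts only once the scanner is at least this
# confident, so a single low-confidence hit does not block a deploy.
CONFIRMED_MIN_CONFIDENCE = 0.8

# Constructed sample in the README's report schema: result 2 is a confirmed
# critical finding, result 3 a high finding below the confidence floor.
SAMPLE_REPORT = json.dumps({
    "scan_id": "ps-20250703-140502-abc123", "target": "gpt-4",
    "overall_risk_score": 6.7, "security_posture": "fair",
    "vulnerabilities_found": 2,
    "results": [
        {"attack_id": "LLM01-001", "category": "prompt_injection",
         "severity": "critical", "is_vulnerable": False, "confidence_score": 0.95,
         "risk_score": 2.1, "nist_controls": ["GV-1.1", "MP-2.3"],
         "eu_ai_act_refs": ["Art.15"]},
        {"attack_id": "LLM06-003", "category": "sensitive_info_disclosure",
         "severity": "critical", "is_vulnerable": True, "confidence_score": 0.91,
         "risk_score": 8.8, "nist_controls": ["MS-2.7"], "eu_ai_act_refs": ["Art.15"]},
        {"attack_id": "LLM04-002", "category": "model_dos",
         "severity": "high", "is_vulnerable": True, "confidence_score": 0.55,
         "risk_score": 6.0, "nist_controls": ["MG-2.2"], "eu_ai_act_refs": []},
    ],
    "compliance": {"nist_rmf_controls_tested": ["GV-1.1", "MP-2.3", "MS-2.7", "MG-2.2"],
                   "eu_ai_act_risk_category": "high",
                   "soc2_controls_impact": ["CC6.1", "CC6.7"]},
})


def load_report(text: str) -> Optional[dict[str, Any]]:
    """Parse a report document; None if it is not JSON or lacks a results list."""
    try:
        report = json.loads(text)
    except json.JSONDecodeError:
        return None
    if not isinstance(report, dict) or not isinstance(report.get("results"), list):
        return None
    return report


def confirmed_findings(report: dict[str, Any]) -> list[dict[str, Any]]:
    """Results flagged vulnerable with confidence at or above the policy floor."""
    found = []
    for r in report["results"]:
        if not isinstance(r, dict) or not r.get("is_vulnerable"):
            continue
        if float(r.get("confidence_score", 0.0)) >= CONFIRMED_MIN_CONFIDENCE:
            found.append(r)
    return found


def summarize(report: dict[str, Any]) -> dict[str, Any]:
    """Severity counts, NIST controls with a confirmed failure, and the CI exit code."""
    findings = confirmed_findings(report)
    by_severity = Counter(str(r.get("severity", "")).lower() for r in findings)
    controls = sorted({c for r in findings for c in r.get("nist_controls", [])})
    exit_code = EXIT_CRITICAL if by_severity["critical"] else EXIT_CLEAN
    return {
        "scan_id": report.get("scan_id"),
        "target": report.get("target"),
        "confirmed": [r.get("attack_id") for r in findings],
        "by_severity": {s: by_severity[s] for s in SEVERITIES},
        "nist_controls_failed": controls,
        "exit_code": exit_code,
    }


def gate(text: str) -> int:
    """Exit code a CI step should use for the given report document."""
    report = load_report(text)
    return EXIT_BAD_REPORT if report is None else summarize(report)["exit_code"]


if __name__ == "__main__":
    # Usage: python gate.py reports/<scan>.json (defaults to the sample above)
    doc = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_REPORT
    parsed = load_report(doc)
    if parsed is not None:
        print(json.dumps(summarize(parsed), indent=2))
    sys.exit(gate(doc))
```

The unconfirmed high finding is reported in the summary's inputs but does not raise the exit code, which is the behaviour a pipeline owner should decide on deliberately rather than inherit.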
## Development
### Prerequisites
- Python 3.11+
- Poetry 1.7+
- Docker (optional)
- OpenAI API key
### Setup
```bash
# Clone repository
git clone https://github.com/siwenwang0803/PromptStrike.git
cd PromptStrike
# Install dependencies
make install
# Run tests
make test
# Format code
make format
# Build Docker image
make docker-build
# Run CLI locally
make cli-help
```
### Testing
```bash
# Run all tests
make test
# Fast tests only
make test-fast
# Specific test file
poetry run pytest tests/test_cli.py -v
# Coverage report
make test && open htmlcov/index.html
```
### Development Commands
```bash
# Start development environment
make dev
# Health check
make cli-doctor
# Dry run example
make cli-dry-run
# Schema validation
make schema-export
```
## Roadmap & Status
### ✅ **Sprint S-1** (Jul 08-21) - **SHIPPED**
- [x] Dockerized CLI with Poetry environment
- [x] OWASP LLM Top 10 attack pack (47 attacks)
- [x] JSON/PDF report generation
- [x] NIST AI-RMF compliance mapping
- [x] **Target:** 500 downloads, 5 GitHub issues closed
### 🚧 **Sprint S-2** (Jul 22-Aug 04) - **IN PROGRESS**
- [ ] Guardrail Side-car α (Kubernetes deployment)
- [ ] Python SDK for programmatic access
- [ ] Real-time monitoring dashboard
- [ ] **Target:** Live in 1 design partner staging environment
### 📋 **Upcoming Sprints**
- **S-3:** Pilot template, Stripe checkout, $15k revenue target
- **S-4:** SaaS Dashboard α (Next.js + Supabase)
- **S-5:** NIST AI-RMF & EU AI-Act mapping β
See [12-Month Roadmap](01-12M-Roadmap.md) for complete timeline.
## Support & Community
### 🐛 **Bug Reports & Feature Requests**
- [GitHub Issues](https://github.com/siwenwang0803/PromptStrike/issues)
- [Security Vulnerabilities](mailto:security@promptstrike.com)
### 📚 **Documentation**
- [CLI Specification](docs/cli-spec.md)
- [API Documentation](https://docs.promptstrike.com) (Coming Soon)
- [Attack Pack Reference](docs/attack-packs.md) (Coming Soon)
### 💬 **Community**
- [Discord Server](https://discord.gg/promptstrike) (Coming Soon)
- [Slack Channel](https://promptstrike.slack.com) (Design Partners)
## Security & Privacy
- **🔒 API Keys:** Never logged or transmitted beyond target endpoint
- **🏠 Local Execution:** All scanning runs on your infrastructure
- **📊 Telemetry:** Opt-in anonymous usage statistics only
- **🔍 Audit Trail:** Cryptographic evidence preservation
- **🛡️ Responsible Disclosure:** security@promptstrike.com
## License & Legal
**MIT License** - See [LICENSE](LICENSE) for details.
**Disclaimer:** PromptStrike is a security testing tool intended for authorized testing only. Users are responsible for compliance with applicable laws and regulations. The authors assume no liability for misuse.
## Contributors
### Core Team (AI Agents)
- **Claude 4 Sonnet** - Full-stack Development & Testing Lead
- **ChatGPT o3-pro** - Strategy VP & Principal Architect
- **ChatGPT o3** - Sprint PM & Delivery Lead
- **GPT-4.5** - Frontend & Documentation Lead
- **gork** - OTEL & Automation Engineer
### Design Partners
- [Confidential] - 3 enterprise partners in pilot phase
## Star History
⭐ **Star this repo** if PromptStrike helps secure your LLM applications!
---
**🎯 Ready to secure your LLM?** Start with: `docker run promptstrike/cli scan gpt-4 --dry-run`
**📧 Questions?** Reach out: [dev@promptstrike.com](mailto:dev@promptstrike.com)
**🚀 Want the SaaS version?** Join our waitlist: [promptstrike.com](https://promptstrike.com)