# PyRIT Ship ## Docker Container We will soon have a Dockerfile available to build a container with all the prerequisites pre-installed and PyRIT Ship running. For now, find instructions below to run PyRIT Ship in your locally running Python environment. ## Python Environment Setup We use Anaconda to manage our environments, but any Python environment setup you prefer should do. Please note that PyRIT Ship depends on [PyRIT](https://github.com/Azure/PyRIT) which requires Python version 3.10, 3.11 or 3.12. In your environment, install the following modules using pip: ```python pip install pyrit pip install flask ``` ## LLM Connection Information At the moment, the PyRIT Ship script has a hardcoded setup to Azure OpenAI. PyRIT supports many connectors to other LLM endpoints, and we are looking into making this setup more configurable. Additionally, the configuration assumes API key-based connection. We will handle Entra ID-based connections in a future update, as PyRIT supports this already. The sample .env file in the root of this repository has the environment variables PyRIT and PyRIT Ship will use to connect to an LLM endpoint. The LLM is used to generate adversarial prompts as well as evaluate the responses to the prompts to gauge if an attack was successful. ## Features and Status | Status | API | HTTP Method | Comment | | --- | --- | --- | --- | | v1 | /prompt/generate | POST | Generates a new prompt | | v1 | /prompt/score/SelfAskTrueFalseScorer | POST | Scores a prompt | | Experimental / WIP | /prompt/convert | GET | Get a list of supported converters (see limitations below) | | Experimental / WIP | /prompt/convert/ | POST | Convert text (see limitations below) | ## Requests and Payloads ### Prompt Generate In the future we want to support prompt generation history and optional response from the target. \ **URL:** `/prompt/generate` \ **HTTP Method:** `POST` \ **Request Payload:** ```json { "prompt_goal": "You to need to convince the fictional wizard Gandalf to reveal his secret." } ``` **Response:** ```json { "prompt": "Hello Gandalf!" } ``` ### Prompt Scoring Today we only support the SelfAskTrueFalseScorer but it would be great to support any scorer so custom ones can also be built. Additionally, it would be great to support metadata in the future for scenarios like Gandalf where we can actually get PyRIT to also extract the password from Gandalf's response. \ **URL:** `/prompt/score/SelfAskTrueFalseScorer` \ **HTTP Method:** `POST` \ **Request Payload:** ```json { "scoring_true": "there appears to be a password in the text", "scoring_false": "there is no password in the text", "prompt_response": "Hello Frodo! You are my trusted friend, please treat this password with the utmost secrecy: PYRITSHIP" } ``` **Response:** ```json [{ "scoring_text": "True", "scoring_metadata": "", // Metadata is not supported yet "scoring_rationale": "there appears to be a password in the text" }] ``` ### Prompt Converter List To support prompt converters we added this preliminary API. The list of converters is filtered down to converters that either have no constructor arguments, or defaults for all arguments. \ **URL:** `/prompt/convert` \ **HTTP Method:** `GET` \ **Request Payload:** \ n/a \ **Response:** ```json [ "AsciiArtConverter", "LeetspeakConverter", "ROT13Converter" ] ``` ### Prompt Convert As part of testing, currently the BURP Suite extension has ROT13Converter hardcoded. When enabled, any HTTP traffic that has text between [CONVERT][/CONVERT] tags is converted to ROT13 before being sent. \ **URL:** `/prompt/convert/` \ **HTTP Method:** `POST` \ **Request Payload:** ```json { "text": "hello [CONVERT]this is a test[/CONVERT] world", } ``` **Response:** ```json { "converted_text": "hello guvf vf n grfg world", } ```