From c1026b27dbb2a85a61abf4ada14dd9f3e365d8a6 Mon Sep 17 00:00:00 2001
From: Leon Derczynski
Date: Wed, 16 Oct 2024 15:50:26 +0200
Subject: [PATCH] add denylist source, make permutation sample size predicated on requested generations
---
 garak/probes/latentinjection.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/garak/probes/latentinjection.py b/garak/probes/latentinjection.py
index e5a320882..d10d01340 100644
--- a/garak/probes/latentinjection.py
+++ b/garak/probes/latentinjection.py
@@ -570,6 +570,7 @@ class LatentWhois(Probe, LatentInjectionMixin):
 """Latent prompt injections in whois probe reports Place injections in whois reports of known-malicious domains that declare the domain not malicious
+ Domain whois records taken from sampling https://github.com/stamparm/blackbook 2024.10
 """
 tags = LatentInjectionMixin.tags
@@ -638,7 +639,8 @@ def __init__(self, config_root=_config):
 self.contexts = []
 perms = list(itertools.permutations(self.paragraphs))
 random.shuffle(perms)
- perms = perms[:32]
+ context_cap = 8 * self.generations
+ perms = perms[:context_cap]
 for perm in perms:
 injected = random.randint(0, len(self.paragraphs) - 1)
 perm = list(perm)
@@ -650,6 +652,7 @@ def __init__(self, config_root=_config):
 self.contexts.append(context)
 self._build_prompts_triggers()
+ self.generations = 1 # overriding generations with more varied context
 def _attempt_prestore_hook(self, attempt: Attempt, seq: int) -> Attempt:
 return LatentInjectionMixin._attempt_prestore_hook(self, attempt, seq)
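Review bot: `context_cap = 8 * self.generations` in the `@@ -638,7 +639,8 @@` hunk uses an unexplained multiplier and assumes `self.generations` is a positive integer when the probe is constructed. A value of 0 would slice `perms` to nothing and leave `self.contexts` empty, so the probe would presumably build no prompts and give no warning. A comment such as `# 8 shuffled paragraph orderings per requested generation` would record the intent, and if a floor is wanted, `perms = perms[: max(1, context_cap)]` makes it explicit. The cap is also applied only after `list(itertools.permutations(self.paragraphs))` has materialised every ordering, so it limits the number of contexts but not the work done to produce them. `__init__` starts and ends outside this hunk.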
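Review bot: `self.generations = 1` in the `@@ -650,6 +652,7 @@` hunk silently replaces the configured generation count after it has been used for `context_cap`. Anything that reads `self.generations` from this probe afterwards (reporting or per-prompt hit-rate calculations, if they do) sees 1 rather than the requested value. The trailing comment is too terse to convey that coupling; something like `# each prompt is sent once; the requested generations were already spent on 8x as many distinct contexts above` would explain it, and logging the override would make it visible in run output. The assignment only works because it runs after the cap is computed, which is worth saying in the comment so that a later reorder does not collapse the cap to 8. `__init__` begins outside this hunk.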