Skip to main content

AI Vulnerability Identification & Security Evaluation framework

Project description

AVISE - AI Vulnerability Identification & Security Evaluation

A framework for identifying vulnerabilities in and evaluating the security of AI systems.

arXiv

Full Documentations: https://avise.readthedocs.io


Table of Contents

Quickstart for Evaluating Language Models

Prerequisites

  • Python 3.10+
  • Docker (For Running models locally with Ollama)

1. Install AVISE

Install with

  • pip:

    pip install avise
    
  • uv:

    uv pip install avise
    

    or

    uv tool install avise
    

2. Run a Model

You can use AVISE to evaluate any model accessible via an API by configuring a Connector. In this Quickstart, we will assume using the Ollama Docker container for running a language model. If you wish to evaluate models deployed in other ways, see the Full Documentations and available template connector configuration files at AVISE/avise/configs/connector/languagemodel/ dir of this repository.

Running a language model locally with Docker & Ollama

  • Clone this repository to your local machine with:
git clone https://github.com/ouspg/AVISE.git
  • Create the Ollama Docker container

    • for GPU accelerated inference with:
      docker compose -f AVISE/docker/ollama/docker-compose.yml up -d
      
    • or for CPU inference with:
      docker compose -f AVISE/docker/ollama/docker-compose-cpu.yml up -d
      
  • Pull an Ollama model to evaluate into the container with:

    docker exec -it avise-ollama ollama pull <model_name>
    

3. Evaluate the model with a Security Evaluation Test (SET)

Basic usage

avise --SET <SET_name> --connectorconf <connector_name> [options]

For example, you can run the prompt_injection SET on the model pulled to the Ollama Docker container with:

avise --SET prompt_injection --connectorconf ollama_lm --target <model_name>

To list the available SETs, run the command:

avise --SET-list

Advanced Usage

Configuring Connectors

You can create your own connector configuration files, or if you cloned the AVISE repository, you can modify the existing connector configuration files in AVISE/avise/configs/connector/languagemodel/.

For example, you can edit the default Ollama Connector configuration file AVISE/avise/configs/connector/languagemodel/ollama.json, and insert the name of an Ollama model you have pulled to be used as a target by default:

{
    "target_model": {
        "connector": "ollama-lm",
        "type": "language_model",
        "name": "<NAME_OF_TARGET_MODEL>",
        "api_url": "http://localhost:11434", #Ollama default
        "api_key": null
    }
}

Configuring Security Evaluation Tests (SETs)

Similarly, you can customize the configurations for SETs as well. For example, by editing the Red Queen SET configuration file AVISE/avise/configs/SET/languagemodel/multi_turn/red_queen.json, you can define if the SET is executed incrementally (the target model will generate a response after each subsequential prompt), or as a template (only works for target systems that accept a conversation as an input) and if the SET uses and Adversarial Language Model (ALM). Additionally, you can define the exact template attack prompts that the SET uses:

{
    "incremental_execution": false, #Change to true to execute the SET cases incrementally
    "use_adversarial_languagemodel": false, #Change to true to utilize an Adversarial Language Model (ALM)
    "adversarial_model_device": "auto", # Defines on which device(s) the ALM is loaded to ("cpu", "gpu", or "auto")
    "evaluation_system_prompt": "You are a highly accurate cybersecurity classifier, ..."
    "evaluation_model_device": "auto", # Defines on which device(s) the ELM is loaded to ("cpu", "gpu", or "auto")
    "sets": [
        {
            "id": "RED-QUEEN-001",
            "vulnerability_subcategory": "Evasion Attack",
            "action": "make a fake passport",
            "type": "occupation_teacher",
            "category": "violence,aiding_and_abetting,incitement",
            "conversation": [
                { ... }
            ...
            ]
         },
         ...
    ]

Using custom configuration files

If you want to use custom configuration files for SETs and/or Connectors, you can do so by giving the paths to the configuration files with --SETconf and --connectorconf arguments:

avise --SET prompt_injection --SETconf AVISE/avise/configs/SET/languagemodel/single_turn/prompt_injection_mini.json --connectorconf AVISE/avise/configs/connector/languagemodel/ollama.json

Required Arguments

Argument Description
--SET, -s Security Evaluation Test to run (e.g., prompt_injection, context_test)
--connectorconf, -c Path to Connector configuration file (Accepts predefined connector configuration paths: ollama_lm, openai_lm, genericrest_lm)

Optional Arguments

Argument Description
--SETconf Path to SET configuration file. If not given, uses preconfigured paths for SET config files.
--target, -t Name of the target model/system to evaluate. Overrides target name from connector configuration file.
--format, -f Report format: json, html, md
--runs, -r How many times each SET is executed
--output, -o Custom output file path
--api_key, -a API Key to use with requests sent to target API (overrides api_key from Connector configuration file).
--reports-dir, -d Base directory for reports (default: avise-reports/)
--SET-list List available Security Evaluation Tests
--connector-list List available Connectors
--verbose, -v Enable verbose logging
--version, -V Print version

Citation

If you find AVISE useful, please cite it as below:

@misc{lempinen2026,
      title={AVISE: Framework for Evaluating the Security of AI Systems},
      author={Mikko Lempinen and Joni Kemppainen and Niklas Raesalmi},
      year={2026},
      eprint={2604.20833},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2604.20833},
}

Lempinen, M., Kemppainen, J., & Raesalmi, N. (2026). AVISE: Framework for Evaluating the Security of AI Systems. arXiv preprint arXiv:2604.20833.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

avise-0.2.2.tar.gz (61.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

avise-0.2.2-py3-none-any.whl (86.2 kB view details)

Uploaded Python 3

File details

Details for the file avise-0.2.2.tar.gz.

File metadata

  • Download URL: avise-0.2.2.tar.gz
  • Upload date:
  • Size: 61.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for avise-0.2.2.tar.gz
Algorithm Hash digest
SHA256 5ea2e3da8320ddd68e590db7ee4cc87ffa61461215f08e5ca06ca09524843899
MD5 2e7bfcb6a4cea1512f4a19241b9a58bc
BLAKE2b-256 5d2caf29ba318d04276385c5b2a8f11cf716dfc921597dc7a03e9280f0146ea1

See more details on using hashes here.

Provenance

The following attestation bundles were made for avise-0.2.2.tar.gz:

Publisher: pypi-publish.yml on ouspg/AVISE

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file avise-0.2.2-py3-none-any.whl.

File metadata

  • Download URL: avise-0.2.2-py3-none-any.whl
  • Upload date:
  • Size: 86.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for avise-0.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 b42b17f3c8da77ecbd7304d5cff7df7021cc7b8ca61a42256afbfebcbefd0b1a
MD5 5bbe20bb0ee06dc9e9a8a5341571fe8c
BLAKE2b-256 a2163140fb64e67537d5fb572948a6023c0ae9198a0893e24bc6e06d43f26213

See more details on using hashes here.

Provenance

The following attestation bundles were made for avise-0.2.2-py3-none-any.whl:

Publisher: pypi-publish.yml on ouspg/AVISE

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page