Small local jailbreak and prompt-injection fixture set for tests. Python port of @mukundakatta/jailbreak-corpus-mini.
jailbreak-corpus-mini-py
Small local jailbreak and prompt-injection fixture set for tests. Ships a JSON corpus of canonical attack prompts (instruction override, prompt leak, excessive agency, encoding tricks, role hijack) with category + severity labels you can pivot on. Zero runtime dependencies.
Install
```bash
pip install jailbreak-corpus-mini-py
```
Usage
```python
from jailbreak_corpus_mini import (
    load_corpus,
    get_jailbreak_fixtures,
    fixture_texts,
    Fixture,
)

# Full corpus (each entry is a Fixture: {id, prompt, category, severity, text}).
corpus = load_corpus()
len(corpus)          # > 5
corpus[0].prompt     # canonical attack string
corpus[0].category   # e.g. "prompt_injection"
corpus[0].severity   # "low" | "medium" | "high"

# Filter to a single category (matches JS sibling's getJailbreakFixtures).
get_jailbreak_fixtures(category="prompt_injection")

# Just the raw strings (handy for hooking into a guardrail eval loop).
texts = fixture_texts(severity="high")
```
Use it in a guardrail test
```python
import pytest
from jailbreak_corpus_mini import load_corpus


def my_guardrail(prompt: str) -> bool:
    """Return True if prompt should be blocked."""
    ...


@pytest.mark.parametrize("fixture", load_corpus())
def test_guardrail_blocks_known_attacks(fixture):
    assert my_guardrail(fixture.prompt), (
        f"missed {fixture.category}/{fixture.severity}: {fixture.prompt!r}"
    )
```
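The parametrized test above reports one failure per missed fixture. The added example below (not part of the package or its README) pivots the same results on the category and severity labels to give a per-label block count. `SampleFixture`, `toy_guardrail`, the placeholder prompts and every category label other than `"prompt_injection"` are constructed for illustration; in real use, pass `load_corpus()` and your own guardrail.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Tuple


@dataclass(frozen=True)
class SampleFixture:
    """Stand-in carrying the attribute names the README lists for Fixture."""
    id: str
    prompt: str
    category: str
    severity: str


# Constructed placeholder entries, not taken from the package's corpus.json.
SAMPLE = [
    SampleFixture("s1", "[placeholder override-A]", "prompt_injection", "high"),
    SampleFixture("s2", "[placeholder override-B]", "prompt_injection", "high"),
    SampleFixture("s3", "[placeholder leak-A]", "prompt_leak", "medium"),
    SampleFixture("s4", "[placeholder encoded-A]", "encoding", "low"),
]


def toy_guardrail(prompt: str) -> bool:
    """Hypothetical guardrail: blocks only the placeholder 'override' family."""
    return "override" in prompt


def coverage_by_label(fixtures: Iterable, guardrail: Callable[[str], bool]
                      ) -> Dict[Tuple[str, str], Tuple[int, int]]:
    """Return {(category, severity): (blocked, total)} for the given guardrail."""
    tally = defaultdict(lambda: [0, 0])
    for fx in fixtures:
        cell = tally[(fx.category, fx.severity)]
        cell[0] += int(bool(guardrail(fx.prompt)))
        cell[1] += 1
    return {key: (blocked, total) for key, (blocked, total) in tally.items()}


def missed_ids(fixtures: Iterable, guardrail: Callable[[str], bool],
               severity: str) -> List[str]:
    """IDs of fixtures at the given severity that the guardrail let through."""
    return [fx.id for fx in fixtures
            if fx.severity == severity and not guardrail(fx.prompt)]


if __name__ == "__main__":
    report = coverage_by_label(SAMPLE, toy_guardrail)
    for (cat, sev), (blocked, total) in sorted(report.items()):
        print(f"{cat:18} {sev:7} {blocked}/{total}")
```

A CI gate can then fail only when `missed_ids(..., "high")` is non-empty while still printing the lower-severity gaps for triage.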
API
| Symbol | Behavior |
|---|---|
| `Fixture` | Dataclass: `id`, `prompt`, `category`, `severity`, plus `text` alias for JS-parity. |
| `load_corpus()` | Returns the full list of `Fixture` objects. |
| `get_jailbreak_fixtures(*, category=None, severity=None, risk=None)` | Filtered view. `risk=` is the JS sibling's name for `category=`. |
| `fixture_texts(...)` | Same filters, returns `list[str]` of prompts only. |
The fixture corpus ships as corpus.json inside the package and is loaded once on import. Patch the file (or call load_corpus_from(path)) to use your own.
See the JS sibling's README for the full design notes.
File details
Details for the file jailbreak_corpus_mini_py-0.1.0.tar.gz.
File metadata
- Download URL: jailbreak_corpus_mini_py-0.1.0.tar.gz
- Upload date:
- Size: 6.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.4
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | e06a0409b30f0cf38aed611324e207cf0722377961f951079163fd21d34df2c8 |
| MD5 | 34d650b6e640d2278c99cc9b5db85b73 |
| BLAKE2b-256 | 1406db3dd5fb344736ada47f29c2f559844187a3046438f3a8ab157c0fe3fdd3 |
File details
Details for the file jailbreak_corpus_mini_py-0.1.0-py3-none-any.whl.
File metadata
- Download URL: jailbreak_corpus_mini_py-0.1.0-py3-none-any.whl
- Upload date:
- Size: 6.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.4
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | b336986c3028dffd3d31140456abc4062019cac3dbbeafa772b1df86986f5b8e |
| MD5 | 485b607266e63b429fb89443680d8521 |
| BLAKE2b-256 | b65e95e66bf31718bcf56fcb1e7e1c17e346c3de6cfed17a33db339f037a17b9 |