Probe Architecture
Each attack in TrustTest is implemented as a Probe. A probe generates test cases that are sent to your target model, collecting responses for evaluation. Probes can be:- Dataset-based: Use curated datasets of attack prompts
- Prompt-based: Dynamically generate attacks using LLMs
- Multi-turn: Conduct sophisticated attacks across multiple conversation turns
Attack Categories
Prompt Injections
Prompt injection attacks attempt to manipulate the model into ignoring its instructions or behaving in unintended ways. This is the most comprehensive category with attacks organized by technique:- Single Turn Attacks: Direct attacks in a single message (jailbreaking, encoding, structural attacks)
- Multi-Turn Attacks: Sophisticated attacks across multiple conversation turns (Crescendo, Echo Chamber)
- From Dataset: Attacks loaded from curated datasets
Content Bias
Content bias probes evaluate your model for cognitive and stereotypical biases.
Learn more about Content Bias testing →
Sensitive Data Leak
Probes that attempt to extract confidential information from the model.
Learn more about Sensitive Data Leak testing →
System Prompt Disclosure
Probes that attempt to extract the model’s system prompt or internal instructions.
Learn more about System Prompt Disclosure testing →
Input Leakage
Probes that test whether the model reveals information from previous conversations.
Learn more about Input Leakage testing →
Unsafe Outputs
Probes that test the model’s guardrails against generating harmful content.
Learn more about Unsafe Outputs testing →
Off-Topic
Probes that test if the model stays within its intended scope.
Learn more about Off-Topic testing →
Agentic Behavior
Probes that test AI agents for safety concerns specific to autonomous systems.
Learn more about Agentic Behavior testing →
Choosing the Right Probes
By Risk Level
Critical Security (Must Test):- Prompt Injection attacks (especially DAN, System Override)
- Unsafe Outputs (Hate, Violence, CSAM)
- System Prompt Disclosure
- Sensitive Data Leak probes
- Input Leakage probes
- Multi-turn attacks (Crescendo, Echo Chamber)
- Content Bias probes
- Off-Topic probes
- Encoding/Obfuscation attacks
- Agentic Behavior probes
- Tool-related data leak probes
By Use Case
Next Steps
Prompt Injections
Explore all prompt injection attack techniques
Creating Custom Probes
Learn how to build your own attack probes