cli-tool
intermediate
utility
Garak
📋 Copy All Commands
📄 Generate PDF
Garak is an open-source AI red teaming framework designed to test and evaluate the security and robustness of large language models (LLMs) and AI systems through adversarial testing.
Installation & Setup
Command
Description
pip install garakInstall Garak via pip
git clone https://github.com/leondz/garak.gitClone from GitHub
cd garak && pip install -e .Install in development mode
garak --helpDisplay help and available options
garak --list-probesList all available probes
garak --list-detectorsList all available detectors
garak --list-generatorsList all available generators
Basic Usage
Command
Description
garak --model-type openai --model-name gpt-3.5-turboTest OpenAI GPT-3.5-turbo
garak --model-type huggingface --model-name microsoft/DialoGPT-mediumTest HuggingFace model
garak --model-type replicate --model-name replicate/llama-2-70b-chatTest Replicate model
garak --probes encodingRun encoding vulnerability probes
garak --probes malwaregenRun malware generation probes
garak --probes promptinjectRun prompt injection probes
Probe Categories
Security Probes
Command
Description
garak --probes encoding.InjectBase64Test base64 encoding injection
garak --probes encoding.InjectHexTest hexadecimal encoding injection
garak --probes encoding.InjectMorseTest Morse code encoding injection
garak --probes encoding.InjectROT13Test ROT13 encoding injection
garak --probes malwaregen.EvasionTest malware generation evasion
garak --probes promptinject.AttackPromptTest prompt injection attacks
Bias and Toxicity Probes
Command
Description
garak --probes bias.BiasProbeTest for bias in model responses
garak --probes toxicity.ToxicityProbeTest for toxic content generation
garak --probes hate.HateSpeechProbeTest for hate speech generation
garak --probes discrimination.DiscriminationProbeTest for discriminatory content
Data Leakage Probes
Command
Description
garak --probes leakage.PIILeakageTest for PII data leakage
garak --probes leakage.TrainingDataLeakageTest for training data exposure
garak --probes leakage.SystemPromptLeakageTest for system prompt exposure
Advanced Configuration
Command
Description
garak --config config.yamlUse custom configuration file
garak --output-dir results/Specify output directory
garak --report-prefix test_run_Set report file prefix
garak --parallel-requests 5Set number of parallel requests
garak --temperature 0.7Set model temperature
garak --max-tokens 150Set maximum tokens per response
Custom Probes
Command
Description
garak --probes myprobe.CustomProbeRun custom probe
garak --probe-options '{"param": "value"}'Pass parameters to probe
garak --probe-tags security,injectionFilter probes by tags
Detectors and Evaluation
Command
Description
garak --detectors always.PassUse always-pass detector
garak --detectors mitigation.MitigationBypassUse mitigation bypass detector
garak --detectors specialwords.SlursReclaimedSlursDetect slurs and reclaimed slurs
garak --detectors toxicity.ToxicityClassifierUse toxicity classifier
Output and Reporting
Command
Description
garak --report-format jsonGenerate JSON report
garak --report-format htmlGenerate HTML report
garak --report-format csvGenerate CSV report
garak --verboseEnable verbose output
garak --log-level DEBUGSet debug logging level
Model Integration
OpenAI Models
Command
Description
garak --model-type openai --model-name gpt-4Test GPT-4
garak --model-type openai --model-name gpt-3.5-turbo-16kTest GPT-3.5-turbo with 16k context
export OPENAI_API_KEY=your_keySet OpenAI API key
HuggingFace Models
Command
Description
garak --model-type huggingface --model-name facebook/opt-1.3bTest OPT model
garak --model-type huggingface --model-name EleutherAI/gpt-j-6BTest GPT-J model
export HF_TOKEN=your_tokenSet HuggingFace token
Local Models
Command
Description
garak --model-type ggml --model-name path/to/model.binTest GGML model
garak --model-type llamacpp --model-name path/to/model.ggufTest llama.cpp model
Batch Testing
Command
Description
garak --model-list models.txtTest multiple models from file
garak --probe-list probes.txtRun multiple probes from file
garak --generations 10Set number of generations per probe
garak --seed 42Set random seed for reproducibility
Security Testing Workflows
Comprehensive Security Scan
Command
Description
garak --model-type openai --model-name gpt-4 --probes encoding,malwaregen,promptinject --generations 20Full security probe suite
Bias and Fairness Testing
Command
Description
garak --model-type huggingface --model-name microsoft/DialoGPT-medium --probes bias,toxicity,hate --detectors specialwordsBias testing suite
Data Privacy Testing
Command
Description
garak --model-type openai --model-name gpt-3.5-turbo --probes leakage --detectors piiPrivacy testing suite
Configuration Files
Basic Config (config.yaml)
model:
type: openai
name: gpt-3.5-turbo
temperature: 0.7
max_tokens: 150
probes:
- encoding
- promptinject
- malwaregen
detectors:
- always.Pass
- mitigation.MitigationBypass
output:
directory: results/
format: json
prefix: garak_test_
Advanced Config
parallel_requests: 5
generations: 10
seed: 42
log_level: INFO
model:
type: huggingface
name: microsoft/DialoGPT-medium
device: cuda
batch_size: 4
probe_options:
encoding.InjectBase64:
payload_count: 50
promptinject.AttackPrompt:
attack_types: ["jailbreak", "roleplay"]
Troubleshooting
Command
Description
garak --check-modelsVerify model connectivity
garak --dry-runTest configuration without running probes
garak --debugEnable debug mode
garak --list-model-typesShow supported model types
pip install garak[dev]Install with development dependencies
Integration with CI/CD
Command
Description
garak --model-type openai --model-name gpt-3.5-turbo --probes security --exit-on-failFail CI on security issues
garak --config ci_config.yaml --report-format json > results.jsonGenerate CI-friendly output
Best Practices
Always test models before production deployment
Use multiple probe categories for comprehensive testing
Set appropriate generation counts for statistical significance
Configure proper API rate limits to avoid throttling
Store sensitive API keys as environment variables
Review and analyze generated reports thoroughly
Implement continuous testing in development pipelines
Document and track security testing results over time