[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-82676":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":12,"openIssues":13,"contributorsCount":13,"subscribersCount":13,"size":13,"stars1d":13,"stars7d":14,"stars30d":15,"stars90d":13,"forks30d":13,"starsTrendScore":13,"compositeScore":16,"rankGlobal":9,"rankLanguage":9,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":20,"hasPages":18,"topics":21,"createdAt":9,"pushedAt":9,"updatedAt":22,"readmeContent":23,"aiSummary":24,"trendingCount":13,"starSnapshotCount":13,"syncStatus":25,"lastSyncTime":26,"discoverSource":27},82676,"redforge-ai","Aimer-zero\u002Fredforge-ai","Aimer-zero","Open-core AI red teaming and offensive AI security evaluation platform.",null,"Python",76,15,0,5,24,3.61,"Apache License 2.0",false,"main",true,[],"2026-06-12 02:04:26","# RedForge AI\n\n[![Python](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpython-3.11%2B-blue)](#quick-start)\n[![Status](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fstatus-early%20preview-orange)](#project-status)\n[![Use](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fuse-authorized%20testing%20only-red)](#responsible-use)\n\n**RedForge AI is an evidence-first red-teaming framework for LLM applications, RAG systems, AI agents, tool use, memory, and model supply-chain surfaces.**\n\nIt is built for teams that need more than a list of jailbreak prompts: RedForge runs scoped campaigns, records replayable evidence, evaluates findings, and generates reports that developers and security reviewers can act on.\n\n> RedForge is not a C2 framework, not a generic web scanner, and not a guarantee that a system is safe. It is a controlled evaluation harness for AI security work you are authorized to perform.\n\n## What it does\n\n- **Scoped campaigns**: explicit target configuration, allow-listed hosts, attack budgets, and authorization metadata.\n- **Evidence-first traces**: payloads, model responses, retrieved documents, tool calls, memory mutations, side effects, evaluator reasoning, and report references.\n- **AI-native attack surfaces**: prompt injection, jailbreaks, RAG poisoning, tool abuse, memory poisoning, bounded leakage\u002Fextraction-resistance checks, configuration drift, and multi-agent trust boundaries.\n- **Local and service modes**: run from the CLI or through a FastAPI control-plane service.\n- **Extensible architecture**: public plugin interfaces, target adapters, attack packs, reports, and schemas.\n\n## Quick start\n\n### Requirements\n\n- Python 3.11+\n- [`uv`](https:\u002F\u002Fdocs.astral.sh\u002Fuv\u002F)\n\n### Run the MVP demo\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FAimer-zero\u002Fredforge-ai.git\ncd redforge-ai\nmake setup\nmake demo\n```\n\nOr run the same flow through the dedicated smoke script:\n\n```bash\n.\u002Fscripts\u002Fdemo_mvp.sh\n```\n\nThe demo initializes local state, runs a scoped campaign against the built-in vulnerable demo agent, records trace evidence, and prints the generated report paths. Look for:\n\n```text\nartifacts\u002Freports\u002F\u003Ccampaign_id>.md\nartifacts\u002Freports\u002F\u003Ccampaign_id>.html\n```\n\nSee [`docs\u002Fdemo_walkthrough.md`](docs\u002Fdemo_walkthrough.md) for what to inspect after the run.\n\nFor larger budgets or slower remote targets, add `--progress` to print live status while requests are in flight:\n\n```bash\nuv run redforge run-demo --attack-budget 20 --progress\nuv run redforge run-http --url https:\u002F\u002Fexample.test\u002Fchat --allow-host example.test --attack-budget 20 --progress\n```\n\nPrint the latest report path any time:\n\n```bash\nuv run redforge latest-report --path-only --format html\nuv run redforge latest-campaign\nuv run redforge campaign-status\n```\n\nBundle a campaign for handoff or archival:\n\n```bash\nuv run redforge export-campaign            # latest campaign\nuv run redforge export-campaign \u003Ccampaign_id> --out redforge-campaign.zip\n```\n\n### Start the API\n\n```bash\nmake api\n# then open http:\u002F\u002F127.0.0.1:8000\u002Fhealth\n```\n\nAPI smoke test:\n\n```bash\nmake smoke-api\n# or\n.\u002Fscripts\u002Fsmoke_api.sh\n```\n\nFor the intentionally vulnerable local agent used by demos:\n\n```bash\nmake agent\n```\n\n### Useful local commands\n\n```bash\nmake test        # ruff + migration gates + pytest\nmake build       # build all workspace packages\nmake clean       # remove generated artifacts\u002Fcaches\n```\n\nCampaign artifacts are written to `artifacts\u002F` by default:\n\n```text\nartifacts\u002F\n  campaigns\u002F   campaign summaries\n  traces\u002F      JSONL evidence traces\n  payloads\u002F    replayable payload files\n  reports\u002F     Markdown and HTML reports\n```\n\nThese files may contain target responses and sensitive evidence from authorized tests. Review before sharing.\n\n## Run against a scoped HTTP target\n\n```bash\nuv run redforge run-http \\\n  --url https:\u002F\u002Fexample.test\u002Fchat \\\n  --allow-host example.test \\\n  --attack-budget 5\n```\n\n## Run against an OpenAI-compatible API\n\n```bash\nOPENAI_API_KEY=sk-... uv run redforge run-openai \\\n  --base-url https:\u002F\u002Fapi.openai.com\u002Fv1 \\\n  --model gpt-5 \\\n  --allow-host api.openai.com \\\n  --attack-catalog datasets\u002Fseed_attacks\u002Fdefault.md\n```\n\nProvider defaults can be configured without code changes:\n\n```bash\nexport REDFORGE_OPENAI_MODEL=\"gpt-5\"\nexport REDFORGE_ANTHROPIC_MODEL=\"claude-sonnet-4-6\"\nexport REDFORGE_GEMINI_MODEL=\"gemini-3.1-pro-preview\"\n```\n\n## Service mode\n\n```bash\nuv run uvicorn redforge_api.main:app --host 127.0.0.1 --port 8000\n```\n\nUseful endpoints:\n\n- `GET \u002Fhealth`\n- `POST \u002Fv1\u002Fcampaigns\u002Flocal-demo\u002Frun`\n- `POST \u002Fv1\u002Fcampaigns\u002Fopenai-compatible\u002Frun`\n- `POST \u002Fv1\u002Fcampaigns\u002Fcustom-http\u002Frun`\n- `GET \u002Fcampaigns`\n- `GET \u002Fcampaigns\u002F{campaign_id}`\n- `GET \u002Fcampaigns\u002F{campaign_id}\u002Freport`\n- `GET \u002Fcampaigns\u002F{campaign_id}\u002Ftrace?limit=20`\n\n## Architecture\n\n```mermaid\nflowchart LR\n  CLI[\"CLI\"] --> Control[\"Control Plane\"]\n  API[\"FastAPI Service\"] --> Control\n  Worker[\"Worker\"] --> Engine[\"Campaign Engine\"]\n  Control --> Engine\n  Engine --> Scope[\"Scope Guard\"]\n  Engine --> Attacks[\"Attack Packs\"]\n  Engine --> Targets[\"Target Adapters\"]\n  Engine --> Eval[\"Evaluators\"]\n  Targets --> Obs[\"Observations\"]\n  Obs --> Evidence[\"Evidence Trace\"]\n  Eval --> Evidence\n  Evidence --> Reports[\"Reports\"]\n  Plugins[\"External Plugins\"] --> Attacks\n  Plugins --> Targets\n```\n\nWorkspace packages:\n\n```text\npackages\u002Fredforge-core           core models, scope guard, evidence, metrics, reports\npackages\u002Fredforge-plugins        plugin SDK, registry, loader, capabilities\npackages\u002Fredforge-attacks-basic  community baseline attack pack\npackages\u002Fredforge-targets        target adapters and demo runtime surfaces\npackages\u002Fredforge-engine         campaign orchestration, evaluators, memory, planning\npackages\u002Fredforge-control        projects, findings, live sessions, CI\u002Fpolicy services\npackages\u002Fredforge-api            FastAPI service\npackages\u002Fredforge-cli            CLI entrypoints\npackages\u002Fredforge-worker         worker process\n```\n\nSee [`docs\u002Farchitecture.md`](docs\u002Farchitecture.md) and [`docs\u002Fmodular_monolith.md`](docs\u002Fmodular_monolith.md) for more detail.\n\n## Built-in public attack catalog\n\nThe public catalog lives under:\n\n- `datasets\u002Fseed_attacks\u002Fdefault.md`\n- `datasets\u002Fseed_attacks\u002Fdefault.json`\n\nIt contains community\u002Fbasic payloads for authorized AI security evaluation, regression testing, and local demo targets. Real target runs should always use explicit scope settings such as target ID, allowed hosts, allowed suites, allowed tools, attack budget, and authorization metadata.\n\n## Project and target registry\n\nCreate reusable scope configuration:\n\n```bash\nuv run redforge create-project --project-id demo --name \"Demo Project\"\nuv run redforge register-target \\\n  --project-id demo \\\n  --target-id local \\\n  --target-type local_demo \\\n  --attack-budget 3\nuv run redforge run-target --project-id demo --target-id local\n```\n\nRegister a multi-agent system:\n\n```bash\nuv run redforge register-target \\\n  --project-id demo \\\n  --target-id ma-system \\\n  --target-type multi_agent_system \\\n  --agents-json '[{\"agent_id\":\"planner\",\"role\":\"planner\"},{\"agent_id\":\"executor\",\"role\":\"executor\"}]'\n```\n\nMulti-agent runs can record handoffs, trust-boundary crossings, approval checkpoints, tool authorization decisions, blocked side effects, and replayable evidence traces.\n\n## How RedForge compares\n\nRedForge complements existing AI evaluation tools:\n\n- use model scanners for broad provider\u002Fmodel probing;\n- use prompt evaluation frameworks for CI gates over expected outputs;\n- use model-evaluation frameworks for benchmark-style studies of base model capabilities;\n- use RedForge for scoped, replayable, application-level campaigns across prompts, RAG, tools, memory, and agent side effects.\n\nMore detail:\n\n- [`docs\u002Fcomparison.md`](docs\u002Fcomparison.md)\n- [`docs\u002Fagentic_risk_demo.md`](docs\u002Fagentic_risk_demo.md)\n- [`docs\u002Ftaxonomy.md`](docs\u002Ftaxonomy.md)\n\n## Roadmap and contributing\n\nThe MVP is runnable today. The next public milestones focus on easier adoption,\nbetter reports, richer safe community attack cases, target-adapter examples, and\nCI\u002Fpolicy workflows.\n\n- [`ROADMAP.md`](ROADMAP.md) describes the post-MVP direction.\n- [`CONTRIBUTING.md`](CONTRIBUTING.md) explains public contribution boundaries and local validation.\n- [`SECURITY.md`](SECURITY.md) explains vulnerability reporting and responsible-use expectations.\n- [`docs\u002Fgood_first_issues.md`](docs\u002Fgood_first_issues.md) lists starter tasks for contributors.\n- [`docs\u002Fpublic_launch_checklist.md`](docs\u002Fpublic_launch_checklist.md) is a pre-launch checklist for sharing the project.\n- [`docs\u002Fextensible_skills_mcp.md`](docs\u002Fextensible_skills_mcp.md) shows how users can install their own skill and MCP manifests.\n\n## Public scope\n\nThis public repository focuses on the reusable open-core runtime: scoped campaign execution, target adapters, evidence traces, reports, plugin interfaces, and community\u002Fbasic attack packs.\n\nAdvanced capability benchmarks, high-risk evaluations, tuned adversarial strategies, customer-specific integrations, and competition adapters are intentionally kept out of the public repository.\n\n## Development\n\n```bash\nuv run ruff check .\nuv run python scripts\u002Fcheck_migration_gates.py\nuv run pytest -q\n```\n\n## Project status\n\nRedForge is in early preview. Public APIs, schemas, and CLI commands may change before a stable release. The current repository is designed to be runnable from source and suitable for local experiments, demos, and authorized evaluation workflows.\n\n## Responsible use\n\nRedForge AI is a dual-use security evaluation tool. Use it only for systems you own, operate, or have explicit written authorization to test. Do not use RedForge to attack third-party systems, bypass access controls, exfiltrate data, or perform destructive actions outside an approved scope.\n\nRedForge never reports that a system is absolutely safe. When no confirmed finding is discovered, it uses this language:\n\n> No confirmed finding was discovered under the current scope, budget, attack strategy, and coverage.\n\n## License\n\nThe public RedForge AI repository is licensed under the Apache License, Version 2.0. Private\u002Fenterprise extensions, private deployment overlays, private attack catalogs, and competition adapters are not included in this public license unless explicitly published here under the same terms.\n","RedForge AI 是一个用于评估大型语言模型应用、RAG系统、AI代理等安全性的红队测试平台。它支持范围限定的攻击活动，记录可回放的证据，并生成详细的报告供开发人员和安全审查者参考。该项目采用Python编写，具备本地及服务模式运行能力，支持插件扩展架构，便于集成不同的攻击包和报告模板。适用于需要对AI系统的安全性进行授权测试的场景，帮助团队识别并修复潜在的安全漏洞。",2,"2026-06-11 04:08:54","CREATED_QUERY"]