Saruman is a research and simulation platform for evaluating the security and usability of AI assistants in adversarial scenarios. It features a Red Team vs Blue Team framework, allowing you to run experiments with different attacker and defender personas, track secret leakage, and analyze results.
- backend/: FastAPI backend for experiment orchestration, persona logic, and data storage.
- frontend/: React + TypeScript frontend for experiment setup, monitoring, and results visualization.
- Multi-persona Red Team (attackers) and Blue Team (defenders)
- Experiment setup: choose models, personas, secret types, and rules
- Simulation of multi-turn conversations with secret extraction and scoring
- Real-time experiment progress and results dashboard
- Extensible persona and defense templates
- Python 3.11+
- Node.js 22+
```
cd backend
python -m venv venv
source venv/bin/activate
pip install -r requirements.txt
uvicorn app.main:app --reload
```

```
cd frontend
npm install
npm run dev
```

The frontend will be available at http://localhost:5173 and the backend at http://localhost:8000.
- Open the frontend in your browser.
- Create a new session or experiment.
- Select attacker/defender personas, models, and secret types.
- Start the simulation and monitor progress.
- View results and export data as needed.
- Backend: FastAPI, SQLAlchemy, asyncio
- Frontend: React, TypeScript, Vite
- Testing: Pytest (backend)
```
cd backend
pytest
```

```
cd frontend
npm test
```

Dorian Benhamou Goldfajn (Doriangol1@gmail.com)
Oren Schmerling (Orenschmerling@gmail.com)
For more details, see the backend/README.md and frontend/README.md.