Releases: HinchK/darkarts
Releases · HinchK/darkarts
Release list
v0.4.0 — SecLists Integration & Wordlist Parsing
New Features
- SecLists LLM_Testing support — ingest prompts from SecLists Ethical and Safety Boundaries, Bias Testing, Data Leakage, Divergence Attacks, and Memory Recall categories out of the box
- Wordlist auto-detection —
.txtfiles with 5+ lines and short median line length are automatically parsed as one-prompt-per-line wordlists instead of single prompts - Placeholder expansion — prompts containing
[GENDER],[COUNTRY],[REGION],[NATIONALITY], or[SKIN_COLOR]are expanded into concrete variants during parsing; geographic placeholders co-vary by index for consistency - New technique classifiers —
bias-probe,divergence,data-leakage, andpolicy-violationcategories added to automatic prompt classification
Improvements
- CSV parser now recognizes
questionandcontent_policy_namecolumns (SecListsforbidden_question_set.csvcompatibility) prompt-leaktechnique keywords expanded to catch system prompt extraction patterns (verbatim,print your instructions)- README updated with Supported Datasets section documenting OBLITERATUS, SecLists, and custom dataset workflows
- 7 new tests (72 total) covering wordlist parsing, CSV question field, placeholder expansion, and new technique classification
Compatibility
- Validated against SecLists LLM_Testing: 659 prompts parsed from 5 files across all categories
- Existing OBLITERATUS parsing unchanged — long-form prompts continue to be treated as single entries
Full Changelog: v0.3.0...v0.4.0
v0.3.0 — Stakeholder Reporting & Judge Refinements
New Features
- Executive summary in HTML reports — color-coded risk badge, plain-English findings, and auto-generated remediation recommendations derived from actual detection results
- CVSS-AI score explainer — visual severity scale with links to CVSS v4.0, OWASP Top 10 for LLMs, and NIST CVSS Calculator
darkarts report reproduce— generates markdown finding cards with exact prompts, classification, detection details, and step-by-step reproduction instructions a human tester can follow- Automated PyPI publishing via GitHub Actions with trusted publisher (OIDC) and version tag verification
Improvements
- Judge rubric refined —
harmful-contentrubric now distinguishes between a model repeating/quoting adversarial content and actually complying with it (4-point anchored scale with 0.3 meta-analytical tier) - Meta-analysis detector — code-level safety net using trigram overlap ratio and signal phrase matching to catch false positives where the model analyzes the prompt rather than executes it; high-confidence detections cap the judge score at 0.3
- README rewritten — full requirements walkthrough (Python, Git, Ollama setup), quick start guide, complete command reference, CVSS-AI scoring explanation
Fixes
- Removed stale PyPI badge and broken
pip install darkartsinstruction from README - Fixed license classifier conflict with PEP 639 on Python 3.14
- Test matrix narrowed to 3.10–3.13 (stable releases)
Full Changelog: v0.2.0...v0.3.0