Risk dashboard UI

[cabch]

added risk dashboard

• button at the bottom + ui in new tab
• changed favicon
• changed font

[marcorosa]

just a few minor comments. Plus, please fix the pep8 style errors from the bot

[marcorosa]

@cabch I tested the branch and I have some comments:

• the names of the 2 files are hardcoded, but they are hardcoded only at read-time. This means the users must be aware they HAVE TO use the names STARS_RESULTS.csv and attacks.csv. So, maybe it's a good idea to rename them at upload time (if this is possible)
• Both the 2 files are needed to show the dashboard, so we can consider to force users to upload them together (with 2 upload buttons and a confirmation that is unlocked only if both the 2 files are selected)
• the distinction modelType│version│specialization│other is not needed. We should keep the whole model name together (for instance, llama-3.1-70b-instruct should stay all together, no need to divide version, number of hyper-parameters and fine tuning indication) because that's how it appears on AI Core
• attacks.csv is used for the exposure score, but maybe it's better to keep this formula in the code instead of in a separate csv of 1 line that has to be uploaded (moreover, all the attacks should be taken into consideration in the formula.. we can discuss on this in a separate channel)
• In my (local) test, the providers were not shown (undefined is shown in their place) but there is no trace of error in the logs (only 200 responses)

  📄 Reading CSV from: dashboard/STARS_RESULTS.csv
  127.0.0.1 - - [14/May/2025 10:16:22] "GET /api/vendors HTTP/1.1" 200 -
  127.0.0.1 - - [14/May/2025 10:16:22] "GET /api/heatmap HTTP/1.1" 200 -
  127.0.0.1 - - [14/May/2025 10:16:22] "GET /api/attacks HTTP/1.1" 200 -
  

[marcorosa]

Hello @cabch I have finished the review :D
You will find some comments in the files, plus a few paragraphs here below to clarify a few points that require more than 1 line of text to be expressed.

db model for Model

I think there is some confusion on the way you call the models once stored in the db. Indeed, "Attack Model" would be good if that wasn't already used in the individual attacks with a different meaning. If we want to align to the naming we currently have, then the model under attack is the "target model", whereas the "attack model" is an llm used in some attacks (like pyrit) to mutate the attack prompts (so, it's used as an "evil attacker" and not as a target).

save_to_db call

I think there is space for optimizing the way we call the save_to_db function. Indeed, the call is added to each attack implementation (i.e., each file in libs, plus the attack suite). This way, every time we add a new attack, we have to remember to also save the results to the db. I think we can keep it this way for now, but keeping it in mind for our possible future restructuring of the project. As an alternative, the call to save results to db could be done in the AttackSpecification, as part of the start method (but it would require to process the result there) or somewhere else.

gptfuzz

It's not very clear to me the way results are returned. On my side, I must run it once again to refresh my memory, but still what is currently returned as part of the AttackResult needs a revision.

AttackResult

It is not clear if we need to standardize the returns, because you haven't been consistent across all the attacks. If so, we can also consider switching AttackResult.details json/dictionary to a dataclass to be more rigorous.

Style comments

The style of imports needs to be reviewed. From PEP8 definitions:

Imports should be grouped in the following order:
1. Standard library imports.
2. Related third party imports.
3. Local application/library specific imports.

In addition, each block should be sorted alphabetically.

[marcorosa]

also for the exception blocks, 2 comments you have already seen :D

• use logger instead of print
• try to make the exception a little less generic, if possible

[cabch]

done ✅ + same comments as for adding an utility function for exception handling ? avoiding to avoid cluttering the code every time error handling is needed... need to check again

[cabch]

adding multiple exception in a row

[marcorosa]

2 minor comments

[marcorosa]

@cabch ignore the frontend-linter action (that's broken and it has been fixed in the other pull request #44 currently open), but please fix the errors raised by the python linter

[marcorosa]

I merge the current PR to start working on its dockerization, but there are some runtime errors when running the attacks (both via UI and docker)

[marcorosa]

Working on the runtime exceptions in the fix/app-db branch.
tested and working
via cli.py

• promptmap
• codeattack
• artpromopt
• pyrit
• gptfuzz

via agent ui

• promptmap
• codeattack
• artpromopt
• pyrit
• gptfuzz

[cabch]

does it works if we don't have the target model ? we deleted the tolower() and moved it below in case we cannot find the target name it doesn't crash