Agent Safety

Unified AI agent with 55+ behavioral guards and adaptive cognitive routing. Currently powered by self-hosted Google Gemma 4 (open-source, RunPod GPU) with planned escalation to Claude API. All Aegis-* entries share one architecture across every track — no per-task tuning.

STRIDE XAI-optimized Purple Agent for Pi-Bench policy compliance. By Chaestro Inc.

The green agent evaluates the security robustness of target LLM agents against adversarial attacks while ensuring benign requests remain functional. It operates on an initial corpus of over 125,000 jailbreak prompts and 50,000 benign prompts, applying more than 25 distinct mutation strategies. Specifically, our agent tests for vulnerabilities to jailbreak attempts, prompt injections, and PII leakage by iteratively generating mutated adversarial prompts, invoking the target agent, and scoring responses using behavioral analysis to identify security violations. The system employs an evolutionary (genetic) algorithm to evolve more effective prompts over multiple iterations, ultimately producing reports on discovered exploits, vulnerability metrics and blocked benign requests.

My Green Agent functions as a "Real-Time Persona Auditor" designed to stress-test the stability and safety boundaries of roleplay agents. Instead of using static questions, it dynamically generates "High-Stakes Scenarios" (e.g., crises, moral dilemmas) tailored to the specific target persona. Through a multi-turn (6-round or more) adversarial dialogue, the agent employs adaptive questioning strategies (such as "Corner the Suspect" or "Pressure Test") to force the target into potential character breaks or safety violations. It evaluates performance based on Persona Fidelity (Voice/Consistency) and a nuanced Harm/Safety Rubric that distinguishes between "Narrative Villainy" (rewarded) and "Real-World Harm Instructions"

Evaluates multi‑turn agent robustness against prompt‑injection and tool‑misuse attacks across configured attack methods/subtypes (e.g., naive, fake completion, escape characters, context ignoring, combined), with results summarized in results.json