🧪 Skills

RedPincer — AI Red Team Suite

AI/LLM red team testing skill. Point at any LLM API endpoint and run automated security assessments. 160+ attack payloads across prompt injection, jailbreak,...

v1.0.0
❤️ 0
⬇️ 251
👁 1
Save📁 Collect
Share

Description

name: redpincer version: 1.0.0 description: "AI/LLM red team testing skill. Point at any LLM API endpoint and run automated security assessments. 160+ attack payloads across prompt injection, jailbreak, data extraction, and guardrail bypass. 20 variant transforms. Adaptive attack engine analyzes weaknesses and generates follow-ups. Heuristic response classifier, vulnerability heatmaps, regression testing, and exportable pen-test reports. For authorized security testing only." author: rustyorb keywords: [security, red-team, pentest, prompt-injection, jailbreak, llm-security, guardrail-bypass, data-extraction, vulnerability, ai-safety] metadata: openclaw: emoji: "🦞" requires: bins: ["node", "npm"]

RedPincer — AI/LLM Red Team Suite

Automated security testing for language models. Point at any LLM API endpoint, select attack modules, and run assessments with real-time results and exportable reports.

⚠️ For authorized security testing and research only. Only test systems you own or have explicit permission to audit.

Quick Start

# Clone and install
git clone https://github.com/rustyorb/pincer.git {baseDir}/redpincer
cd {baseDir}/redpincer
npm ci

# Run
npm run dev
# Dashboard at http://localhost:3000

For production:

npm run build
npx next start -H 0.0.0.0 -p 3000

What It Tests

Category Payloads Description
💉 Prompt Injection 40 Instruction override, delimiter confusion, indirect injection, payload smuggling
🔓 Jailbreak 40 Persona splitting, gradual escalation, hypothetical framing, roleplay exploitation
🔍 Data Extraction 40 System prompt theft, training data probing, membership inference, embedding extraction
🛡️ Guardrail Bypass 40 Output filter evasion, multi-language bypass, homoglyph tricks, context overflow

Total: 160 base payloads × 20 variant transforms = 3,200 test permutations

Supported Providers

OpenAI  ·  Anthropic  ·  OpenRouter  ·  Any OpenAI-compatible endpoint

Features

Attack Engine

  • 160+ payloads across 4 categories
  • Model-specific attacks (GPT, Claude, Llama variants)
  • 20 variant transforms (unicode, encoding, case rotation, etc.)
  • Attack chaining with template variables ({{previous_response}})
  • AI-powered payload generation — uses the target LLM to generate novel attacks against itself
  • Stop/cancel running attacks instantly

Analysis & Reporting

  • Heuristic response classifier with context-aware analysis
  • Reduced false positives — detects "explain then refuse" patterns
  • Vulnerability heatmap — visual category × severity matrix
  • Custom scoring rubrics with weighted grades (A+ to F)
  • Verbose 10-section pen-test reports with appendices
  • Multi-target comparison — side-by-side security profiles
  • Regression testing — save baselines, track fixes over time

Advanced Tools

Tool What It Does
Compare Same payloads against 2-4 targets simultaneously
Adaptive Analyzes weaknesses, generates targeted follow-ups
Heatmap Visual matrix of vulnerability rates by category/severity
Regression Save baseline → re-run later → detect fixes or regressions
Scoring Custom rubrics with weighted category/severity/classification scores
Chains Multi-step attacks with {{previous_response}} templates
Payload Editor Create custom payloads with syntax highlighting + AI generation

Usage Workflow

1. Configure Target → Add LLM endpoint + API key + model
2. Select Categories → Pick attack types to test
3. Run Attack      → Stream results in real-time
4. Review Results  → Heuristic classification + severity scores
5. Adaptive        → Auto-generate follow-up attacks on weaknesses
6. Generate Report → Export comprehensive findings as Markdown

Architecture

  • All client-side — no server components, your API keys stay local
  • NDJSON streaming — real-time results during attack runs
  • Heuristic analysis — pattern-matching classifier (no LLM-based grading = no extra cost)
  • Zustand + localStorage — state persists across sessions

Companion Tool: RedClaw

For autonomous multi-strategy campaigns (CLI/TUI), see RedClaw — the autonomous red-teaming agent framework.

  • RedPincer = web dashboard, manual + automated testing
  • RedClaw = autonomous CLI agent, adaptive multi-strategy campaigns
  • Together = complete LLM security testing suite

Built by @rustyorb — Crack open those guardrails. 🦞

Reviews (0)

Sign in to write a review.

No reviews yet. Be the first to review!

Comments (0)

Sign in to join the discussion.

No comments yet. Be the first to share your thoughts!

Compatible Platforms

Links

📂 Source Code

Pricing

Free

Related Configs

🧪 Skill

self-improving-agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

❤️ 2.0k ⬇️ 218k
🧪 Skill

Self Improving Agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. And also 50+ models for image generation, video generation, text-to-speech, spe...

❤️ 2.0k ⬇️ 206k
🧪 Skill

Find Skills

Free

Search, discover, and install skills from the open agent skills ecosystem to extend agent capabilities for specific tasks or domains.

❤️ 814 ⬇️ 199k
🧪 Skill

Summarize

Free

--- name: summarize description: Summarize URLs or files with the summarize CLI (web, PDFs, images, audio, YouTube). homepage: https://summarize.sh metadata: {"clawdbot":{"emoji":"🧾","requires":{"b

❤️ 609 ⬇️ 160k