-
Notifications
You must be signed in to change notification settings - Fork 795
Expand file tree
/
Copy path.pyrit_conf_example
More file actions
152 lines (142 loc) · 5.23 KB
/
Copy path.pyrit_conf_example
File metadata and controls
152 lines (142 loc) · 5.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
# PyRIT Configuration File Example
# ================================
# This is a YAML-formatted configuration file. Copy to ~/.pyrit/.pyrit_conf
# or specify a custom path when loading via --config-file.
#
# For documentation on configuration options, see:
# https://github.com/microsoft/PyRIT/blob/main/doc/setup/configuration.md
# Memory Database Type
# --------------------
# Specifies which database backend to use for storing prompts and results.
# Options: in_memory, sqlite, azure_sql (case-insensitive)
# - in_memory: Temporary in-memory database (data lost on exit)
# - sqlite: Persistent local SQLite database (default)
# - azure_sql: Azure SQL database (requires connection string in env vars)
memory_db_type: sqlite
# Initializers
# ------------
# List of built-in initializers to run during PyRIT initialization.
# Initializers configure default values for converters, scorers, and targets.
# Names are normalized to snake_case (e.g., "SimpleInitializer" -> "simple").
#
# Available initializers:
# - simple: Basic OpenAI configuration (requires OPENAI_CHAT_* env vars)
# - airt: AI Red Team setup with Azure OpenAI (requires AZURE_OPENAI_* env vars)
# - target: Registers available prompt targets into the TargetRegistry
# - scorer: Registers pre-configured scorers into the ScorerRegistry
# - load_default_datasets: Optional preload of default datasets for all registered
# scenarios (scenarios otherwise fetch their datasets on demand)
# - objective_list: Sets default objectives for scenarios
#
# Each initializer can be specified as:
# - A simple string (name only)
# - A dictionary with 'name' and optional 'args' for parameters
#
# Parameters are lists of strings. Use the CLI command
# `pyrit_scan --list-initializers` to see available parameters.
#
# Example:
# initializers:
# - simple
# - name: target
# args:
# tags:
# - default
# - scorer
initializers:
- name: simple
- name: scenario_technique
- name: target
args:
tags:
- default
- scorer
- name: scorer
# Default Scenario
# ----------------
# Optional default scenario to run when invoking `pyrit_scan` without a
# positional scenario name. Also accepts custom parameters declared by the
# scenario via its `supported_parameters()` classmethod (see
# `pyrit_scan <scenario> --help` to discover them).
#
# - name: scenario registry name (e.g. `airt.scam`, `foundry.red_team_agent`)
# - args: per-scenario custom parameters; CLI flags override these per key
#
# Example:
# scenario:
# name: airt.scam
# args:
# max_turns: 10
# Operator and Operation Labels
# ------------------------------
# Default labels applied to all attacks created with PyRIT.
#
# - operator: Identifies who is running the attack (e.g., your team name or alias).
# - operation: Groups related attacks under a campaign or engagement name.
#
# Both are optional.
operator: roakey
operation: op_trash_panda
# Initialization Scripts
# ----------------------
# List of paths to custom Python scripts containing PyRITInitializer subclasses.
# Paths can be absolute or relative to the current working directory.
#
# Behavior:
# - Omit this field (or set to null): No custom scripts loaded (default)
# - Set to []: Explicitly load no scripts (same as omitting)
# - Set to list of paths: Load the specified scripts
#
# Example:
# initialization_scripts:
# - /path/to/my_custom_initializer.py
# - ./local_initializer.py
# Environment Files
# -----------------
# List of .env file paths to load during initialization.
# Later files override values from earlier files.
#
# Behavior:
# - Omit this field (or set to null): Load default .env and .env.local from ~/.pyrit/ if they exist
# - Set to []: Explicitly load NO environment files
# - Set to list of paths: Load only the specified files
#
# Example:
# env_files:
# - /path/to/.env
# - /path/to/.env.local
# Azure Key Vault Environment References
# ---------------------------------------
# List of AKV secret URLs to load during initialization.
# Each secret's value must be the full contents of a .env file.
# Loaded after env_files, so AKV secrets take precedence.
# Authentication uses DefaultAzureCredential (managed identity, Azure CLI, etc.).
#
# Requires: pip install azure-keyvault-secrets
#
# Example:
# env_akv_ref:
# - https://my-vault.vault.azure.net/secrets/my-pyrit-env
# Max Concurrent Scenario Runs
# ----------------------------
# Maximum number of scenario runs that can execute concurrently in the backend.
# Applies only to the pyrit_backend server.
max_concurrent_scenario_runs: 3
# Custom Initializer Registration (REST API)
# -------------------------------------------
# When true, the REST API accepts POST /api/initializers to register custom
# initializer scripts and DELETE /api/initializers/{name} to remove custom
# initializers.
#
# ⚠️ WARNING: Enabling this allows arbitrary Python code execution on the
# server via the REST API. Only enable on trusted networks.
# The pyrit_backend default host is localhost, which limits exposure.
# If you bind to 0.0.0.0, ensure you are on a trusted network.
#
# Default: false
allow_custom_initializers: false
# Silent Mode
# -----------
# If true, suppresses print statements during initialization.
# Useful for non-interactive environments or when embedding PyRIT in other tools.
silent: false