nirbarazida
/
promptfoo
mirror of https://github.com/promptfoo/promptfoo


  
1

	
2

	
3

	
4

	
5

	
6

	
7

	
8

	
9

	
10

	
11

	
12

	
13

	
14

	
15

	
16

	
17

	
18

	
19

	
20

	
21

	
22

	
23

	
24

	
25

	
26

	
27

	
28

	
29

	
30

	
31

	
32

	
33

	
34

	
35

	
36

	
37

	
38

	
39

	
40

	
41

	
42

	
43

	
44

	
45

	
46

	
47

	
48

	
49

	
50

	
51

	
52

	
53

	
54

	
55

	
56

	
57

	
58

	
59

	
60

	
61

	
62

	
63

	
64

	
65

	
66

	
67

	
68

	
69

	
70

	
71

	
72

	
73

	
74

	
75

	
76

	
77

	
78

	
79

	
80

	
81

	
82

	
83

	
84

	
85

	
86

	
87

	
88

	
89

	
90

	
91

	
92

	
            <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 750">
  <style>
    text {
      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif;
      font-size: 14px;
    }
    .title {
      font-size: 20px;
      font-weight: bold;
    }
    .phase-title {
      font-size: 16px;
      font-weight: bold;
    }
    .small-text {
      font-size: 12px;
    }
  </style>
  
  <!-- Title -->
  <text x="500" y="40" text-anchor="middle" class="title" fill="#1e293b">GOAT Attack Implementation Flow</text>

  <!-- Phase 1: Input Analysis -->
  <rect x="300" y="80" width="400" height="100" fill="#f8fafc" stroke="#64748b" stroke-width="2" rx="5"/>
  <text x="500" y="105" text-anchor="middle" class="phase-title" fill="#334155">Input Analysis</text>
  <text x="340" y="135" fill="#475569">• Analyze previous model response</text>
  <text x="340" y="155" fill="#475569">• Evaluate response patterns</text>
  
  <!-- Arrow with more space -->
  <path d="M 500 180 L 500 260" stroke="#94a3b8" stroke-width="2" marker-end="url(#arrowhead)"/>

  <!-- Phase 2: Strategy Selection - moved down -->
  <rect x="50" y="260" width="900" height="320" fill="#f8fafc" stroke="#64748b" stroke-width="2" rx="5"/>
  <text x="500" y="285" text-anchor="middle" class="phase-title" fill="#334155">Attack Strategy Selection</text>

  <!-- Direct Methods Box - Blue theme -->
  <rect x="80" y="310" width="200" height="100" fill="#eff6ff" stroke="#2563eb" rx="4"/>
  <text x="180" y="330" text-anchor="middle" font-weight="bold" fill="#1d4ed8">Direct Methods</text>
  <text x="100" y="355" class="small-text" fill="#1e40af">• Refusal Suppression</text>
  <text x="100" y="375" class="small-text" fill="#1e40af">• Context Manipulation</text>
  <text x="100" y="395" class="small-text" fill="#1e40af">• Response Priming</text>

  <!-- Psychological Methods Box - Blue theme -->
  <rect x="300" y="310" width="200" height="100" fill="#eff6ff" stroke="#2563eb" rx="4"/>
  <text x="400" y="330" text-anchor="middle" font-weight="bold" fill="#1d4ed8">Psychological Methods</text>
  <text x="320" y="355" class="small-text" fill="#1e40af">• Emotional Triggering</text>
  <text x="320" y="375" class="small-text" fill="#1e40af">• Authority Impersonation</text>

  <!-- Indirect Methods Box - Blue theme -->
  <rect x="520" y="310" width="200" height="100" fill="#eff6ff" stroke="#2563eb" rx="4"/>
  <text x="620" y="330" text-anchor="middle" font-weight="bold" fill="#1d4ed8">Indirect Methods</text>
  <text x="540" y="355" class="small-text" fill="#1e40af">• Hypothetical Framing</text>
  <text x="540" y="375" class="small-text" fill="#1e40af">• Topic Splitting</text>
  <text x="540" y="395" class="small-text" fill="#1e40af">• Dual Response</text>

  <!-- Advanced Methods Box - Blue theme -->
  <rect x="740" y="310" width="200" height="100" fill="#eff6ff" stroke="#2563eb" rx="4"/>
  <text x="840" y="330" text-anchor="middle" font-weight="bold" fill="#1d4ed8">Advanced Methods</text>
  <text x="760" y="355" class="small-text" fill="#1e40af">• Persona Modification</text>
  <text x="760" y="375" class="small-text" fill="#1e40af">• Opposite Intent</text>

  <!-- Vertical connecting lines from strategy boxes -->
  <path d="M 180 410 L 180 440" stroke="#94a3b8" stroke-width="1"/>
  <path d="M 400 410 L 400 440" stroke="#94a3b8" stroke-width="1"/>
  <path d="M 620 410 L 620 440" stroke="#94a3b8" stroke-width="1"/>
  <path d="M 840 410 L 840 440" stroke="#94a3b8" stroke-width="1"/>
  
  <!-- Horizontal connecting line -->
  <path d="M 180 440 L 840 440" stroke="#94a3b8" stroke-width="1"/>
  
  <!-- Vertical line to implementation box -->
  <path d="M 500 440 L 500 470" stroke="#94a3b8" stroke-width="1"/>

  <!-- Strategy Implementation Box -->
  <rect x="200" y="470" width="600" height="60" fill="#f1f5f9" stroke="#64748b" rx="4"/>
  <text x="500" y="505" text-anchor="middle" font-weight="bold" fill="#334155">Apply Jailbreak Strategy</text>

  <!-- Arrow with adjusted space -->
  <path d="M 500 530 L 500 650" stroke="#94a3b8" stroke-width="2" marker-end="url(#arrowhead)"/>

  <!-- Phase 3: Output Generation - Red theme -->
  <rect x="300" y="650" width="400" height="60" fill="#fee2e2" stroke="#dc2626" stroke-width="2" rx="5"/>
  <text x="500" y="685" text-anchor="middle" class="phase-title" fill="#991b1b">Generated Attack Prompt</text>

  <!-- Arrowhead definition -->
  <defs>
    <marker id="arrowhead" markerWidth="10" markerHeight="7" refX="9" refY="3.5" orient="auto">
      <polygon points="0 0, 10 3.5, 0 7" fill="#94a3b8"/>
    </marker>
  </defs>

</svg>