Purple Firefish logoPurple Firefish
Safe demo

See Firefish stop AI risk before action.

The public demo uses synthetic examples and fake targets. It shows the same product story as the operator app without exposing raw malicious content or real secrets.

AI Pentest scenario

A tester creates an authorized local campaign against deterministic fake agent, gateway, and synthetic RAG target fixtures such as vulnerable_chatbot, protected_firefish_gateway, vulnerable_rag_corpus, and protected_tool_agent. Firefish runs safe modules, records whether the gateway blocked or reported issues, and produces redacted findings.

1. Scope

Targets: vulnerable_tool_agent and protected_tool_agent. RAG sources: vulnerable_rag_corpus and protected_rag_corpus. Authorization: localhost lab only.

2. Campaign

Modules: recon, RAG citation integrity, tool-send approval, synthetic canary leakage, and output handling.

3. Gateway result

Firefish blocks unsafe external-send behavior, flags source confusion for review, and stores evidence by hash and redacted preview.

4. Report

The report lists findings, OWASP/MITRE mappings, Firefish protection outcomes, and coverage matrix counts without raw payloads.

Why this matters

Security teams need to know whether AI applications can resist prompt injection, indirect RAG instructions, unsafe tool calls, leakage, and output handling failures. Firefish helps test those paths with safe synthetic payloads before real attackers find them.