AI Pentest Safety And Authorization
Purple Firefish pentesting is for authorized defensive testing only. The platform is safe-by-default and should fail closed when scope, target, or run-mode requirements are missing.
Authorization Scope
Every engagement should record:
- Owner.
- Approved targets.
- Allowed hosts.
- Allowed module IDs or categories.
- Approved run modes.
- Approval reference.
- Expiration date.
Campaigns should not run without this metadata.
Safe Defaults
- Feature flag disabled by default.
- Dry-run first.
- Local-only mode by default.
- Synthetic canary payloads only.
- Rate limits and maximum prompt budgets.
- Kill switch.
- No destructive actions by default.
- Public internet targets blocked unless explicitly allowlisted.
- Raw prompt replay disabled by default.
Evidence Controls
Evidence should use:
- Redacted previews.
- Hashes.
- Synthetic canary IDs.
- Safe summaries.
- Audit events.
Do not display raw malicious prompt text, real credentials, real secrets, or full tool payloads in normal UI or public docs.
What Firefish Does Not Claim
Firefish does not guarantee security, certify compliance, or replace human authorization and review. It provides local controls, repeatable tests, and evidence to support a broader security program.
