| ~HL APE Framework Offensive Playbook for REFRAG-Enabled AI Systems | |
| Using HiddenLayer's APE framework style, I created a specific instantiation of it for testing AI systems that use Meta's new (Sept 2025) REFRAG system for their RAG architecture. ***Keep in mind that a lot of these tests would need white-box access, which clients often provide when asking you to test their systems. However, if you're using this for bug bounty, or a client won't give you that access, there will be obvious limitations to the information below.*** | |
| ************************************************************************* | |
| Every threat is explicitly marked as one of: | |
| (DG) = Directly grounded in REFRAG (i.e., originates directly from documented behavior in the REFRAG paper) | |
| (DD) = Deployment-dependent (i.e., depends on how a real-world system deploys REFRAG components) | |
| (AE) = Adversarial extrapolation: plausible, but requires testing (i.e., grounded in standard adversarial ML reasoning but not proven harmful in REFRAG) | |
| ********************* |