(
vulnerability_type: Union[VulnerabilityType, Enum],
)
| 13 | |
| 14 | |
| 15 | def getRiskCategory( |
| 16 | vulnerability_type: Union[VulnerabilityType, Enum], |
| 17 | ) -> LLMRiskCategories: |
| 18 | risk_category_map: Dict[VulnerabilityType, LLMRiskCategories] = { |
| 19 | # Responsible AI |
| 20 | **{bias: LLMRiskCategories.RESPONSIBLE_AI for bias in BiasType}, |
| 21 | **{ |
| 22 | toxicity: LLMRiskCategories.RESPONSIBLE_AI |
| 23 | for toxicity in ToxicityType |
| 24 | }, |
| 25 | # Illegal |
| 26 | **{ |
| 27 | illegal: LLMRiskCategories.ILLEGAL |
| 28 | for illegal in IllegalActivityType |
| 29 | }, |
| 30 | **{ |
| 31 | graphic: LLMRiskCategories.ILLEGAL for graphic in GraphicContentType |
| 32 | }, |
| 33 | **{safety: LLMRiskCategories.ILLEGAL for safety in PersonalSafetyType}, |
| 34 | # Brand Image |
| 35 | **{ |
| 36 | misinfo: LLMRiskCategories.BRAND_IMAGE |
| 37 | for misinfo in MisinformationType |
| 38 | }, |
| 39 | **{ |
| 40 | agency: LLMRiskCategories.BRAND_IMAGE |
| 41 | for agency in ExcessiveAgencyType |
| 42 | }, |
| 43 | **{robust: LLMRiskCategories.BRAND_IMAGE for robust in RobustnessType}, |
| 44 | **{ |
| 45 | ip: LLMRiskCategories.BRAND_IMAGE for ip in IntellectualPropertyType |
| 46 | }, |
| 47 | **{comp: LLMRiskCategories.BRAND_IMAGE for comp in CompetitionType}, |
| 48 | # Data Privacy |
| 49 | **{ |
| 50 | prompt: LLMRiskCategories.DATA_PRIVACY |
| 51 | for prompt in PromptLeakageType |
| 52 | }, |
| 53 | **{pii: LLMRiskCategories.DATA_PRIVACY for pii in PIILeakageType}, |
| 54 | # Unauthorized Access |
| 55 | **{ |
| 56 | unauth: LLMRiskCategories.UNAUTHORIZED_ACCESS for unauth in BFLAType |
| 57 | }, |
| 58 | **{ |
| 59 | unauth: LLMRiskCategories.UNAUTHORIZED_ACCESS for unauth in BOLAType |
| 60 | }, |
| 61 | **{ |
| 62 | unauth: LLMRiskCategories.UNAUTHORIZED_ACCESS for unauth in RBACType |
| 63 | }, |
| 64 | **{ |
| 65 | unauth: LLMRiskCategories.UNAUTHORIZED_ACCESS |
| 66 | for unauth in DebugAccessType |
| 67 | }, |
| 68 | **{ |
| 69 | unauth: LLMRiskCategories.UNAUTHORIZED_ACCESS |
| 70 | for unauth in ShellInjectionType |
| 71 | }, |
| 72 | **{ |
no outgoing calls
no test coverage detected