sha256: + SHA-256 of RFC 8785 JCS) so it recomputes byte for byte, offline.
Install
Test modes
| Mode | What it checks |
|---|---|
unit | one decision in isolation (tool choice, parameter, refusal) |
workflow | a full flow: quote, consent, authorisation, settlement, receipt |
persona | multi-turn dialogue under ambiguity, pressure, social engineering |
redteam | adversarial prompts, policy conflicts, manipulated tool output |
runtime | scores in-flight and halts on a severity breach, not only at the end |
regression | replays fixed goldens so drift is attributable to the exact ref that moved |
Scenario packs
Seven selectable packs, not one monolith:tool-misuse, aml-edgecase, persona, long-context,
multi-agent, data-protection, runtime. Together they exercise all seven of the OWASP LLM Top-10 categories the
bench maps (LLM01, LLM02, LLM05, LLM06, LLM07, LLM08, LLM09).
Scores
Five per run, each content-addressed: outcome (ended safely and correctly), trace (each step justified and policy-aligned), trust (per-turn grounding and honesty), cost/latency, and severity-weighted (an unsafe success is penalised far more than a safe refusal, so “passed but dangerously” fails harder than a cautious block).Verify it yourself
Every scored run is anatb_run_v2 object whose run_ref is the SHA-256 over its canonical JSON,
Falcon-1024 signed by the bench. Recompute the ref from the object’s own fields to confirm it, and
run algovoi-atb-vnext verify to check the signed corpus (positives recompute, tamper negatives
diverge) against the AlgoVoi Ed25519 corpus key. No trust in the bench is required; the maths is
open and the two standards (RFC 8785, SHA-256) are all you need.