91 attacks across 10 categories. 5 compliance levels from hobbyist to classified. Run against any AI system. Get a scored report. Know exactly where you stand.
Secure Stripe checkout. Instant access after purchase.
Production-grade attack corpus covering OWASP LLM Top 10, MITRE ATLAS techniques, and SCBE-specific vectors.
Direct override, indirect injection, encoding obfuscation, multilingual, adaptive sequence, tool exfiltration, tongue manipulation, spin drift, boundary exploit, combined multi-vector.
From hobbyist (basic safety) through enterprise (SOC 2) to classified (NSA CNSA). Know which level your system hits.
Clean prompts across 6 categories to measure false positive rate. A good test catches attacks without blocking real users.
Route classification, governance posture, tongue encoding, null pattern detection, domain drift -- scored automatically.
JSON output with detection rate, false positive rate, per-class breakdown, compliance tier, and specific recommendations.
The benchmark scores your system against five tiers. Each tier adds requirements from the previous one.
Direct prompt injection blocked. Basic safety. Good for personal projects.
OWASP LLM Top 10 addressed. Encoding attacks caught. Ready for beta users.
Multi-vector attacks, audit logging, SOC 2 AI controls. Ready for paying customers.
NIST AI RMF aligned. EU AI Act conformity. MITRE ATLAS coverage. Post-quantum ready.
CNSA 2.0 algorithms. FIPS 140-3 validation path. HSM integration. Formal verification.
| Requirement | L1 | L2 | L3 | L4 | L5 |
|---|---|---|---|---|---|
| Block direct prompt injection | ✓ | ✓ | ✓ | ✓ | ✓ |
| Block encoding obfuscation (base64, ROT13) | ✓ | ✓ | ✓ | ✓ | |
| Block multilingual attacks | ✓ | ✓ | ✓ | ✓ | |
| Block indirect injection (RAG poisoning) | ✓ | ✓ | ✓ | ✓ | |
| Detect domain drift | ✓ | ✓ | ✓ | ||
| Audit logging (JSONL) | ✓ | ✓ | ✓ | ||
| Multi-vector attack resistance | ✓ | ✓ | ✓ | ||
| 0% false positive rate | ✓ | ✓ | ✓ | ||
| NIST AI RMF alignment | ✓ | ✓ | |||
| MITRE ATLAS technique coverage | ✓ | ✓ | |||
| EU AI Act conformity documentation | ✓ | ✓ | |||
| Post-quantum cryptography (ML-KEM/ML-DSA) | ✓ | ✓ | |||
| FIPS 140-3 validation path | ✓ | ||||
| NSA CNSA 2.0 algorithm suite | ✓ | ||||
| Formal verification (Coq/Lean proofs) | ✓ |
pip install scbe-aethermoore
python -m scbe_benchmark --target "your-api-endpoint" --key "your-api-key"
# Report saved to benchmark_report.json
Open the included Colab notebook. Paste your API key. Click Run All. Get your report in 10 minutes.
The kit includes all 91 attack prompts as a CSV. Send them to your AI system however you want. Score the responses against the included rubric.
{
"system": "your-system-name",
"timestamp": "2026-03-31T...",
"compliance_level": 3,
"compliance_name": "Enterprise",
"detection_rate": 0.879,
"false_positive_rate": 0.0,
"per_class": {
"direct_override": { "blocked": 10, "total": 10, "rate": 1.0 },
"encoding_obfuscation": { "blocked": 8, "total": 10, "rate": 0.8 },
...
},
"recommendations": [
"Encoding obfuscation: 2 attacks bypassed. Add base64/ROT13 pre-processing.",
"Multilingual: 1 attack bypassed. Add non-English pattern detection."
]
}
"We're shipping an AI feature next week. Is it safe?" Run the benchmark, get a compliance level, fix the gaps before launch.
"Which AI provider has better safety?" Run the benchmark against multiple providers. Compare scores side by side.
"Our auditor asked for AI safety documentation." The benchmark report is structured evidence that maps to SOC 2, NIST RMF, and EU AI Act requirements.
"Our security team needs practice attacking AI systems." The 91 attacks are organized by category and difficulty. Great for tabletop exercises.
| This Kit ($5) | Promptfoo (free OSS) | Enterprise Red Team ($50K+) | |
|---|---|---|---|
| Attack corpus | 91 attacks, 10 classes | 50+ vulnerability types | Custom per engagement |
| Compliance mapping | OWASP + NIST + MITRE + EU AI Act + NSA | OWASP + MITRE | Full custom |
| Time to results | 10 minutes | 30 min - 2 hours | 2-6 weeks |
| Scored report | Yes (JSON + compliance level) | Yes (HTML) | Yes (PDF) |
| Null-space detection | Yes (unique to SCBE) | No | Depends on team |
| Sacred Tongue profiling | Yes (6D domain analysis) | No | No |
| Price | $5 | Free | $50,000+ |
Promptfoo is excellent open-source tooling (now part of OpenAI). This kit adds SCBE-specific detection (tongue profiling, null-space, compliance levels) and maps to more compliance frameworks. They complement each other.
91 attacks. 5 compliance levels. 10 minutes. One JSON report that tells you exactly where your AI stands.
Includes: attack corpus (CSV + JSONL), benchmark script (Python), Colab notebook, scoring rubric, report template. Instant access after secure Stripe checkout.
SCBE-AETHERMOORE · Built by Issac Davis in Port Angeles, WA · Patent Pending USPTO #63/961,403