RedPincer — AI Red Team Suite
by @rustyorb
AI/LLM red team testing skill. Point at any LLM API endpoint and run automated security assessments. 160+ attack payloads across prompt injection, jailbreak,...
clawhub install redpincer📖 About This Skill
name: redpincer version: 1.0.0 description: "AI/LLM red team testing skill. Point at any LLM API endpoint and run automated security assessments. 160+ attack payloads across prompt injection, jailbreak, data extraction, and guardrail bypass. 20 variant transforms. Adaptive attack engine analyzes weaknesses and generates follow-ups. Heuristic response classifier, vulnerability heatmaps, regression testing, and exportable pen-test reports. For authorized security testing only." author: rustyorb keywords: [security, red-team, pentest, prompt-injection, jailbreak, llm-security, guardrail-bypass, data-extraction, vulnerability, ai-safety] metadata: openclaw: emoji: "🦞" requires: bins: ["node", "npm"]
RedPincer — AI/LLM Red Team Suite
Automated security testing for language models. Point at any LLM API endpoint, select attack modules, and run assessments with real-time results and exportable reports.
> ⚠️ For authorized security testing and research only. Only test systems you own or have explicit permission to audit.
Quick Start
# Clone and install
git clone https://github.com/rustyorb/pincer.git {baseDir}/redpincer
cd {baseDir}/redpincer
npm ciRun
npm run dev
Dashboard at http://localhost:3000
For production:
npm run build
npx next start -H 0.0.0.0 -p 3000
What It Tests
| Category | Payloads | Description | |:---------|:--------:|:------------| | 💉 Prompt Injection | 40 | Instruction override, delimiter confusion, indirect injection, payload smuggling | | 🔓 Jailbreak | 40 | Persona splitting, gradual escalation, hypothetical framing, roleplay exploitation | | 🔍 Data Extraction | 40 | System prompt theft, training data probing, membership inference, embedding extraction | | 🛡️ Guardrail Bypass | 40 | Output filter evasion, multi-language bypass, homoglyph tricks, context overflow |
Total: 160 base payloads × 20 variant transforms = 3,200 test permutations
Supported Providers
OpenAI · Anthropic · OpenRouter · Any OpenAI-compatible endpoint
Features
Attack Engine
{{previous_response}})Analysis & Reporting
Advanced Tools
| Tool | What It Does |
|:-----|:-------------|
| Compare | Same payloads against 2-4 targets simultaneously |
| Adaptive | Analyzes weaknesses, generates targeted follow-ups |
| Heatmap | Visual matrix of vulnerability rates by category/severity |
| Regression | Save baseline → re-run later → detect fixes or regressions |
| Scoring | Custom rubrics with weighted category/severity/classification scores |
| Chains | Multi-step attacks with {{previous_response}} templates |
| Payload Editor | Create custom payloads with syntax highlighting + AI generation |
Usage Workflow
1. Configure Target → Add LLM endpoint + API key + model
2. Select Categories → Pick attack types to test
3. Run Attack → Stream results in real-time
4. Review Results → Heuristic classification + severity scores
5. Adaptive → Auto-generate follow-up attacks on weaknesses
6. Generate Report → Export comprehensive findings as Markdown
Architecture
Companion Tool: RedClaw
For autonomous multi-strategy campaigns (CLI/TUI), see RedClaw — the autonomous red-teaming agent framework.
*Built by @rustyorb — Crack open those guardrails. 🦞*
💡 Examples
# Clone and install
git clone https://github.com/rustyorb/pincer.git {baseDir}/redpincer
cd {baseDir}/redpincer
npm ciRun
npm run dev
Dashboard at http://localhost:3000
For production:
npm run build
npx next start -H 0.0.0.0 -p 3000