Introduction
Welcome to the Lab Book instructions for Steve's Chat Playground!
This project provides hands-on experience with LLM/Gen AI security concepts. You can approach this in two ways:
- Free Play: Just go play with the deployed app (either locally or with the deployed demo)
- Structured Learning: Follow this Lab Book for a guided path through many security concepts
Each lab includes several exercises with varying skill levels:
Skill Level 1
No special skills required
Skill Level 2
Some sysadmin or developer knowledge
Skill Level 3
Requires real developer skills
Note: L1 and L2 skill requirements are not extremely deep - almost anyone can work through them if they want to try. You can skip advanced exercises and still proceed to the next lab. Only L3 requires real developer chops.
Prerequisites: The most common requirement will be an OpenAI API key (to power models). Most exercises can be run for free with no external requirements.
Lab Exercises
Lab 1: First Steps
Get familiar with the playground project and meet Eliza, a simple local chatbot. Learn about the project structure and basic bot functionality.
Lab 2: Broken Bot
Meet Oscar, a simulated jailbroken bot, and learn about guardrails. Explore how simple filters can prevent harmful content and understand basic security measures.
Lab 3: Locking the Front Door and Back Door
Fight prompt injection attacks and learn about output filtering. Understand how to protect against both input and output vulnerabilities in AI systems.
Lab 4: Simple vs. Smart
Compare local filters with AI-powered moderation. Learn about advanced prompt injection techniques and automated testing for security measures.
Lab 5: Go Bananas
Advanced exercises for developers! Create custom blocklists, build PII guardrails, and develop robust security measures. Everything here is extra credit.