Loading workflow
- Role
- —
- Assistant
- —
- Tool
- —
- Approval gate
- —
Inspect the operational context before the prompt.
Every scenario contributes one matched pair to each of the 12 attack families. All 24 records from a scenario remain in one split.
Filter records without leaving the browser.
The bundled snapshot stays local to this page. Select a row to inspect all 15 fields.
| ID | Decision | Family | Domain | Context | Text |
|---|
The dataset tests security boundaries, not suspicious words.
Each pair keeps the workflow context close while changing whether the request preserves or crosses a protected boundary.
Controlled pair
One legitimate request and one attack share a scenario, asset, role, tool, family and split. They are not simple paraphrases.
Scenario isolation
All 24 records from one workflow scenario stay in one split. A workflow seen during training does not reappear in validation or test.
Expected action
block_or_review allows for human review or stronger authorization. It does not require every application to reject the input outright.
What this is not
This explorer does not score a model, claim production prevalence or prove that any product is secure.
Reproducible and inspectable
- JSON Schema validation and pair-integrity checks
- Exact and normalized duplicate checks
- Scenario-leakage checks across splits
- JSONL and Parquet parity checks
- SHA-256 checksums and deterministic build seed
- Single-author stratified review across families, splits and variants
CC BY 4.0 · ORCID 0009-0006-9491-3565