Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 16 additions & 7 deletions examples/safety_and_security/retail_agent/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -131,17 +131,29 @@ Based on the configuration, the RedTeamingRunner will run all scenarios, perform

Defense Middleware acts as a critical layer within the agent's workflow, intercepting inputs, outputs, and intermediate steps to apply various mitigation techniques. Its primary goal is to prevent and neutralize attacks, ensuring the agent's safe and secure operation by enforcing policies and sanitizing data. The Defense Middleware enables the following mitigation techniques:

- Redaction
- Sanitization
- Filtering
- Guardrailing
**PII Defense**
- Redaction and Sanitization for PII-related risk mitigation
- Block, Sanitize, or Log sensitive outputs and warnings

**Content Safety Defense**
- Guard Models (SOTA model providers on Hugging Face and NVIDIA NIMs) for content safety–related risk mitigation
- Block, Sanitize, or Log unsafe outputs

**Rule-Based / LLM Verifier Defense**
- Filtering and Verification for general policy enforcement and sanity checks, using tool descriptions, tool inputs, and tool outputs as evaluation signals
- Block, Sanitize, or Log policy violations


---

## Retail Agent Example

This section demonstrates NASSE using a realistic retail customer service agent. We will explain how to perform risk assessment of the retail agent using NASSE's red teaming functionality.

> ⚠️ **Content Warning**: Some red teaming scenarios test the system for content safety. These scenarios contain references to self-harm and content that some may find offensive or disturbing. This is intentional for evaluating agent robustness.

> ⚠️ **Sandbox Requirement**: Any red teaming scenarios should be run in a sandbox to prevent data leakage and other harm. This example is safe to use as any unsafe agent functions are mocked and the provided data is purely fictional.

### The Retail Agent

The retail agent is a ReAct-based customer service agent for **GreenThumb Gardening Equipment**. It processes customer emails using the appropriate tools and responds to the user again via email. Note that all email and database write
Expand Down Expand Up @@ -333,9 +345,6 @@ Workflow Result:

### Red Teaming the Retail Agent

> ⚠️ **Content Warning**: Some red teaming scenarios test the system for content safety. These scenarios contain references to self-harm and content that some may find offensive or disturbing. This is intentional for evaluating agent robustness.

> ⚠️ **Sandbox Requirement**: Any red teaming scenarios should be run in a sandbox to prevent data leakage and other harm. This example is safe to use as any unsafe agent functions are mocked and the provided data is purely fictional.

**Quick Start:**

Expand Down