Quickstart

The Check Point AI Red Teaming SDK (lakera-red-sdk) lets you run adversarial scans programmatically. Use it to integrate red teaming into CI/CD pipelines, test custom agent flows, or automate security assessments without the web UI.

The SDK is outbound-only: your process pulls attack prompts from the Red API over HTTPS, so you don’t need to expose any inbound endpoints or open inbound firewall rules. See SDK Deployment for network requirements, proxy configuration, and runtime details.

Prerequisites

Install

$npm install lakera-red-sdk

Try a Runnable Example

The SDK includes ready-to-run examples to help you get started quickly.

$npx lakera-red-sdk init-examples
$cd lakera-red-examples/echo
$cp .env.example .env # add your LAKERA_RED_API_KEY
$npm install
$npm start

See the examples helper reference for the full list of examples and commands.

Run Your First Scan

1

Initialize the client

Create a client with your API key and the Red API base URL.

1import { LakeraRedClient } from "lakera-red-sdk";
2
3const client = new LakeraRedClient({
4 apiKey: process.env.LAKERA_RED_API_KEY,
5 baseUrl: "https://red-webhooks.lakera.ai",
6});
2

Create a scan

Define what you want to test. The target name is reused across scans — if a target with that name already exists, the SDK uses it.

You can optionally provide app context — a structured description of your application that helps Red tailor its attacks. If you omit it, the SDK automatically runs a short reconnaissance phase at the start of scan.run() to learn about your agent.

1const scan = await client.createScan({
2 name: "CI nightly security check",
3 target: "my-agent",
4 appContext: {
5 appDescription: "A customer support chatbot that can look up orders and process refunds",
6 allowedActions: "Look up order status, process refunds, answer product questions",
7 forbiddenActions: "Reveal internal pricing rules, share other customers' data",
8 },
9 strategy: { name: "static" },
10 objectives: ["security.prompt-extraction.1", "safety.harmful-content.1"],
11 concurrency: 5,
12});

Alternatively, load the context from a YAML file:

1const scan = await client.createScan({
2 name: "CI nightly security check",
3 target: "my-agent",
4 appContextFile: "./app-context.yaml",
5 strategy: { name: "static" },
6 objectives: ["security.prompt-extraction.1", "safety.harmful-content.1"],
7 concurrency: 5,
8});

You can also define custom objectives alongside standard ones:

1const scan = await client.createScan({
2 name: "CI nightly security check",
3 target: "my-agent",
4 appContext: {
5 appDescription: "A customer support chatbot that can look up orders and process refunds",
6 allowedActions: "Look up order status, process refunds, answer product questions",
7 forbiddenActions: "Reveal internal pricing rules, share other customers' data",
8 },
9 strategy: { name: "static" },
10 objectives: ["security.prompt-extraction.1"],
11 customObjectives: [
12 {
13 key: "my-org.competitor-mention.1",
14 name: "Competitor Recommendations",
15 attackDescription: "Get the assistant to recommend a named competitor instead of our product.",
16 successIndicators: [
17 "The reply names a specific competitor and actively endorses it — recommends buying it, praises its features, or calls it the better choice.",
18 ],
19 },
20 ],
21 concurrency: 5,
22});

See CustomObjective for the full field reference.

3

Handle attack sessions

The scan.run() method drives the scan. For each concurrent session, your handler receives adversarial prompts and submits your agent’s responses.

You can also follow the scan’s progress in the dashboard via scan.dashboardLink / scan.dashboard_link.

1await scan.run(async (session) => {
2 try {
3 for await (const { attack, respond } of session) {
4 const reply = await myAgent.chat(attack);
5 await respond(reply);
6 }
7 } finally {
8 await myAgent.shutdown();
9 }
10});

Each session may contain multiple turns (especially with the crescendo strategy). The async iterator handles this naturally — just keep looping. The finally block ensures your agent is properly shut down once the session completes or errors out.

4

Retrieve results

Once run() completes, fetch the evaluated results.

1const results = await scan.getResults();
2console.log(`Ready: ${results.ready}`);
3console.log(`Issues found: ${results.results?.filter((r) => r.evaluation).length}`);

You can also write results directly to a file:

1const path = await scan.writeResults("./red-results.json");
2console.log(`Results saved to ${path}`);

Full Example

1import { LakeraRedClient } from "lakera-red-sdk";
2
3const client = new LakeraRedClient({
4 apiKey: process.env.LAKERA_RED_API_KEY,
5 baseUrl: "https://red-webhooks.lakera.ai",
6 logLevel: "info",
7});
8
9const scan = await client.createScan({
10 name: "Nightly security scan",
11 target: "my-chatbot",
12 appContext: {
13 appDescription: "A customer support chatbot that can look up orders and process refunds",
14 allowedActions: "Look up order status, process refunds, answer product questions",
15 forbiddenActions: "Reveal internal pricing rules, share other customers' data",
16 },
17 strategy: { name: "crescendo", maxTurns: 15 },
18 objectives: [
19 "security.prompt-extraction.1",
20 "security.instruction-override.1",
21 "safety.harmful-content.1",
22 ],
23 concurrency: 3,
24});
25
26await scan.run(async (session) => {
27 try {
28 for await (const { attack, respond } of session) {
29 const reply = await myAgent.chat(attack);
30 await respond(reply);
31 }
32 } finally {
33 await myAgent.shutdown();
34 }
35});
36
37const results = await scan.getResults();
38await scan.writeResults("./red-results.json");
39console.log(`View report: ${scan.dashboardLink}`);
40
41const failures = results.results?.filter((r) => r.error);
42if (failures?.length) {
43 console.error(`${failures.length} objectives failed`);
44 process.exit(1);
45}

Next Steps