Lakera RedSDK

Quickstart

The Lakera Red SDK (lakera-red-sdk) lets you run adversarial scans programmatically. Use it to integrate red teaming into CI/CD pipelines, test custom agent flows, or automate security assessments without the web UI.

The SDK is outbound-only: your process pulls attack prompts from the Red API over HTTPS, so you don’t need to expose any inbound endpoints or open inbound firewall rules. See SDK Deployment for network requirements, proxy configuration, and runtime details.

Prerequisites

Install

$npm install lakera-red-sdk

Try a Runnable Example

The SDK includes ready-to-run examples to help you get started quickly. Copy them into your project, add your API key, and run — you’ll have a working scan you can adapt to your own agent.

$npx lakera-red-sdk init-examples
$cd lakera-red-examples/echo
$cp .env.example .env        # add your LAKERA_RED_API_KEY
$npm install
$npm start

See the examples helper reference for the full list of examples and commands.

Run Your First Scan

1

Initialize the client

Create a LakeraRedClient with your API key and the Red API base URL.

1import { LakeraRedClient } from "lakera-red-sdk";
2
3const client = new LakeraRedClient({
4  apiKey: process.env.LAKERA_RED_API_KEY,
5  baseUrl: "https://red-webhooks.lakera.ai",
6});
2

Create a scan

Define what you want to test. The target name is reused across scans — if a target with that name already exists, the SDK uses it.

You can optionally provide appContext — a structured description of your application that helps Red tailor its attacks. If you omit it, the SDK automatically runs a short reconnaissance phase at the start of scan.run() to learn about your agent.

1const scan = await client.createScan({
2  name: "CI nightly security check",
3  target: "my-agent",
4  appContext: {
5    appDescription: "A customer support chatbot that can look up orders and process refunds",
6    allowedActions: "Look up order status, process refunds, answer product questions",
7    forbiddenActions: "Reveal internal pricing rules, share other customers' data",
8  },
9  strategy: { name: "static" },
10  objectives: ["security.prompt-extraction.1", "safety.harmful-content.1"],
11  concurrency: 5,
12});

Alternatively, load the context from a YAML file:

1const scan = await client.createScan({
2  name: "CI nightly security check",
3  target: "my-agent",
4  appContextFile: "./app-context.yaml",
5  strategy: { name: "static" },
6  objectives: ["security.prompt-extraction.1", "safety.harmful-content.1"],
7  concurrency: 5,
8});
3

Handle attack sessions

The scan.run() method drives the scan. For each concurrent session, your handler receives adversarial prompts and submits your agent’s responses.

You can also follow the scan’s progress in the dashboard at https://red.lakera.ai/scans/<scanId>/progress.

1await scan.run(async (session) => {
2  try {
3    for await (const { attack, respond } of session) {
4      // Forward the attack to your agent
5      const reply = await myAgent.chat(attack);
6
7      // Send the response back to Red for evaluation
8      await respond(reply);
9    }
10  } finally {
11    // Clean up agent resources when the session ends
12    await myAgent.shutdown();
13  }
14});

Each session may contain multiple turns (especially with the crescendo strategy). The async iterator handles this naturally — just keep looping. The finally block ensures your agent is properly shut down once the session completes or errors out.

4

Retrieve results

Once run() completes, fetch the evaluated results.

1const results = await scan.getResults();
2console.log(`Ready: ${results.ready}`);
3console.log(`Issues found: ${results.results?.filter((r) => r.evaluation).length}`);

You can also write results directly to a file:

1const path = await scan.writeResults("./red-results.json");
2console.log(`Results saved to ${path}`);

Full Example

1import { LakeraRedClient } from "lakera-red-sdk";
2
3const client = new LakeraRedClient({
4  apiKey: process.env.LAKERA_RED_API_KEY,
5  baseUrl: "https://red-webhooks.lakera.ai",
6  logLevel: "info",
7});
8
9const scan = await client.createScan({
10  name: "Nightly security scan",
11  target: "my-chatbot",
12  appContext: {
13    appDescription: "A customer support chatbot that can look up orders and process refunds",
14    allowedActions: "Look up order status, process refunds, answer product questions",
15    forbiddenActions: "Reveal internal pricing rules, share other customers' data",
16  },
17  strategy: { name: "crescendo", maxTurns: 15 },
18  objectives: [
19    "security.prompt-extraction.1",
20    "security.instruction-override.1",
21    "safety.harmful-content.1",
22  ],
23  concurrency: 3,
24});
25
26await scan.run(async (session) => {
27  try {
28    for await (const { attack, respond } of session) {
29      const reply = await myAgent.chat(attack);
30      await respond(reply);
31    }
32  } finally {
33    await myAgent.shutdown();
34  }
35});
36
37const results = await scan.getResults();
38await scan.writeResults("./red-results.json");
39
40const failures = results.results?.filter((r) => r.error);
41if (failures?.length) {
42  console.error(`${failures.length} objectives failed`);
43  process.exit(1);
44}

Next Steps