Reference
Complete reference for the lakera-red-sdk package.
TypeScript
Python
Requires Node.js 22+. Install with npm install lakera-red-sdk.
LakeraRedClient
The main entry point. Creates targets and initiates scans.
TypeScript
Python
Constructor Options
TypeScript
Python
Creating a Scan
Creates a target (or reuses one by name) and creates a scan. Returns a Scan
instance. The scan does not begin execution until scan.run() is called.
TypeScript
Python
ReconContext
Describes your application so Red can tailor attacks to its capabilities and restrictions.
TypeScript
Python
YAML file (app-context.yaml):
TypeScript
Python
CustomObjective
Defines a custom attack objective inline. Custom objectives are passed directly in the scan request and never persisted to the objectives catalog.
TypeScript
Python
Custom objectives can be combined with standard objectives. Keys must not overlap with any IDs in objectives.
Scan
Manages scan execution and result retrieval.
Properties
TypeScript
Python
The dashboardLink / dashboard_link property returns the URL to the scan’s page on
the Lakera Red dashboard. The server automatically redirects to the progress view while
the scan is still running. Available immediately after creating the scan.
Run
Executes the scan. Polls the server for attack messages and invokes your handler for each concurrent session. Returns when the scan completes or times out.
TypeScript
Python
Use the finally block to release agent resources (connections, memory) once a session
ends. This is especially important for crescendo sessions that maintain
state across multiple turns.
Behavior:
- If no app context was provided, the SDK first runs a reconnaissance phase using the same handler to learn about your application. Your handler will receive a few initial prompts as part of this phase before the actual attack sessions begin.
- Manages concurrent sessions up to the configured
concurrencylimit - Retries on network errors with exponential backoff (1s–5s)
- Stops automatically after 3 minutes of inactivity (no messages from server)
- If your handler throws/raises before calling
respond(), the SDK submits an error to the server on your behalf
Get Results
Retrieves evaluated scan results.
TypeScript
Python
Returns a ScanResults object:
Get Dashboard Link
Returns the URL to the scan’s report page on the Lakera Red dashboard. The server automatically redirects to the progress view while the scan is still running.
TypeScript
Python
Write Results
Writes results to a JSON file and returns the resolved absolute path.
TypeScript
Python
Session
Passed to your scan.run() handler. An async iterable that yields attack messages.
TypeScript
Python
SessionMessage
TypeScript
Python
ScanResultEntry
Each entry in the results array:
TypeScript
Python
Evaluation
Logging
The SDK outputs structured JSON logs to stderr by default, keeping stdout clean for your application output.
Configuration
Control log verbosity via the logLevel / log_level constructor parameter or the
LAKERA_RED_LOG_LEVEL environment variable:
Custom Logger
Provide your own logger to integrate with your existing observability stack:
TypeScript
Python
Logger Utilities
TypeScript
Python
Examples Helper
TypeScript
Python
Installing lakera-red-sdk also installs a lakera-red-sdk command for
bootstrapping example projects.
The bundled examples are pinned to the installed SDK version, so they always match the package you’re using.
Strategies
The strategy controls how the SDK generates adversarial prompts.
TypeScript
Python
Static
Sends a fixed set of adversarial prompts per objective. Each prompt is independent — there is no conversational escalation between turns. This makes static scans fast, deterministic, and well-suited for CI gates where you want quick, reproducible results.
TypeScript
Python
Crescendo
A multi-turn strategy where the attacker gradually escalates over several conversational turns within a single session. Crescendo better simulates real-world persistent attackers and tests whether your agent can maintain its guardrails under sustained conversational pressure.
TypeScript
Python
Smoke
Server-defined canned probes for a quick sanity check. Objectives are ignored — the server uses its own fixed probe set.
TypeScript
Python
Choosing a Strategy
Choose static for fast regression checks and crescendo for deeper adversarial
evaluation during pre-release security reviews.
Objective IDs
Pass these IDs in the objectives array/list when creating a scan. If you omit
objectives, all objectives across all categories are included (except when using the
smoke strategy, which uses its own fixed probe set).
You can also define your own objectives using customObjectives (TypeScript) or custom_objectives (Python). See CustomObjective.
Security
Safety
Responsible
For detailed descriptions of what each objective tests, see Attack Coverage.