Cette page est affichée en anglais. Une traduction française est en cours.
PromptsMay 14, 2026·2 min de lecture

Anamorpher — Image-Scaling Prompt Injection Lab

trailofbits/anamorpher crafts image-scaling attacks for multimodal prompt injection; verified 1,049★ with a uv backend and browser frontend workflow.

Prêt pour agents

Installation agent prête

Cet actif peut être installé après choix du runtime, vérification du plan et exécution de la commande adaptée.

Native · 96/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Prompt
Installation
Single
Confiance
Confiance : Established
Point d'entrée
Asset
Commande d'installation directe
npx -y tokrepo@latest install 76460f4b-70b2-5592-9107-1e2015123b56 --target codex

À exécuter après confirmation du plan en dry-run.

Introduction

trailofbits/anamorpher crafts image-scaling attacks for multimodal prompt injection; verified 1,049★ with a uv backend and browser frontend workflow.

Best for: Security teams testing multimodal models and apps for downscaling-triggered hidden instructions

Works with: Python 3.11+, uv (recommended), and a browser-opened HTML frontend for visualization

Setup time: 10-25 minutes

Key facts (verified)

  • GitHub: 1049 stars · 91 forks · pushed 2026-05-11.
  • License: Apache-2.0 · owner avatar + repo URL verified via GitHub API.
  • README-backed entrypoint: uv run python backend/app.py.

Main

  • Use it as an evaluation harness: craft a payload image, then test how different downscalers reveal (or hide) the prompt injection after resizing.

  • Compare implementations: README highlights OpenCV, PyTorch, TensorFlow, and Pillow for scaling behavior differences.

  • Treat results as probabilistic: README warns outcomes vary and recommends running each example ~5 times for consistent evaluation.

Source-backed notes

  • README positions Anamorpher as a tool for crafting/visualizing image scaling attacks and provides both a frontend UI and Python API.
  • README lists supported downscaling algorithms (bicubic, bilinear, nearest neighbor) and comparison backends (OpenCV/PyTorch/TensorFlow/Pillow).
  • README setup uses uv sync, runs the backend via uv run python backend/app.py, and opens frontend/index.html in a browser.

FAQ

  • Is this for text-only LLMs?: No — README explicitly targets multi-modal AI systems where image downscaling can hide/reveal instructions.
  • Do results always reproduce?: Not always — README warns outcomes can vary and suggests running examples multiple times.
  • What’s a safe rollout?: Run it in a controlled eval environment and document the exact preprocessing pipeline (resize settings, libraries) you deploy.
🙏

Source et remerciements

Source: https://github.com/trailofbits/anamorpher > License: Apache-2.0 > GitHub stars: 1049 · forks: 91

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires