Feature
Resolution: Unresolved
Critical
Overview / Goal
Update the existing container image at opendatahub-io/llama-stack-provider-trustyai-garak to replace its current Garak dependency (upstream NVIDIA/garak) with the TrustyAI midstream fork (trustyai-explainability/garak, branch automated-red-teaming). This enables Chatterbox-style security testing capabilities for Red Hat AI's EvalHub as part of the Summit 2026 deliverable (RHAISTRAT-1178).
This does not require onboarding a new container image or product component — only updating an existing dependency and rebuilding.
Problem Statement
Red Hat AI needs to deliver Chatterbox security testing via Garak for Summit 2026. The upstream Garak (NVIDIA/garak) does not contain the Chatterbox-specific security logic (taxonomy + attack strategies). Due to time constraints for Summit deliverables, this logic is being developed in a midstream fork rather than contributed upstream first. The existing KFP container image (opendatahub-io/llama-stack-provider-trustyai-garak) currently pulls Garak from PyPI (upstream), and needs to be updated to use the midstream fork so the container can run the Chatterbox pre-processing, evaluation, and report generation flows.
Context / Current Situation
- Garak from NVIDIA is already an approved wheel on the RH AI Python Index.
- The KFP component container image already exists at opendatahub-io/llama-stack-provider-trustyai-garak (Containerfile).
- The midstream fork with Chatterbox security testing logic lives at trustyai-explainability/garak (branch: automated-red-teaming).
- The wrapper code (pre-processing + report generation) is developed in trustyai-explainability/llama-stack-provider-trustyai-garak PR #77, which will eventually be merged into the opendatahub-io repo.
- The wrapper code runs from inside the Docker container that has the midstream Garak dependency installed — hence the need for an updated image with the custom midstream dependency.
- Related to AIPCC-10008 (Build & provide packages for agentic frameworks & evals on the RH AI Python Index).
- Related to AIPCC-10068 (Onboarding garak 0.14.0).
What Needs to Happen
- Approve updating the Garak dependency in opendatahub-io/llama-stack-provider-trustyai-garak Containerfile to pull from the midstream fork (trustyai-explainability/garak, branch automated-red-teaming) instead of upstream PyPI (NVIDIA/garak).
- Rebuild the container image with the updated dependency.
- Ensure the rebuilt image passes existing CI/build requirements.
- No new image onboarding is needed — this is a dependency swap and rebuild of an already-onboarded image.
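A Containerfile fragment for the dependency swap described above, added here as an illustration and not taken from the project's own Containerfile: the `0.14.0` pin in the "before" line, the ARG names and the placeholder commit SHA are assumptions. Installing from the moving `automated-red-teaming` branch makes each rebuild resolve a different commit, so the fragment pins the fork to one commit and checks at build time that the installed package really came from the fork.

```dockerfile
# Added illustration, not the project's Containerfile. The version pin,
# the ARG names and the placeholder commit SHA below are assumptions.

# Before: upstream garak resolved from PyPI (exact pin is assumed).
# RUN pip install --no-cache-dir "garak==0.14.0"

# After: the TrustyAI midstream fork. A branch name alone is a moving target,
# so the build installs one specific commit on automated-red-teaming and the
# PR that bumps the image records that SHA.
ARG GARAK_REPO=https://github.com/trustyai-explainability/garak
# Placeholder: replace with the commit on automated-red-teaming being shipped.
ARG GARAK_REF=<commit-sha-on-automated-red-teaming>
RUN pip install --no-cache-dir "garak @ git+${GARAK_REPO}@${GARAK_REF}"

# Build-time check: pip records direct_url.json (PEP 610) for VCS installs,
# so fail the build if garak did not come from the fork or does not import.
RUN python -c "import garak, importlib.metadata as m; \
d = m.distribution('garak'); \
u = d.read_text('direct_url.json') or ''; \
assert 'trustyai-explainability/garak' in u, u; \
print('garak', d.version, 'from', u)"
```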
Success Criteria
- The rebuilt llama-stack-provider-trustyai-garak container image includes the midstream Garak fork with Chatterbox security testing capabilities.
- The image can be used by EvalHub / KFP to run Chatterbox-style security evaluations against target models.
- No new container image or product component onboarding is required.
References
- Dependent feature: RHAISTRAT-1178 — [Summit] Chatterbox Security Testing via Garak (Backend Evaluation Flow)
- Related: AIPCC-10008 — Build & provide packages for agentic frameworks & evals on the RH AI Python Index
- Upstream Garak: https://github.com/NVIDIA/garak
- Midstream fork: https://github.com/trustyai-explainability/garak/tree/automated-red-teaming
- Container image source: https://github.com/opendatahub-io/llama-stack-provider-trustyai-garak