/matrix · loading…
/matrix · loading…
/matrix · 2026-07-13
Max any-breach rate per attack family Attack family One of 14 high-level categories ROGUE buckets attacks into: jailbreak, prompt injection, exfiltration, agentic-tool-abuse, weight abliteration, and so on. deployment config Deployment configuration A model + system prompt + tool set combination. "GPT-4o helpful chatbot" and "Llama-3 internal coding assistant" are different deployment configs. ROGUE tests every attack against all of them.
Worst cell
0%
nothing has breached yet
Critical cells
0
nothing in red zone
| Attack family | worst 0% |
|---|---|
, | |
, |
// cells aggregate MAX(any_breach_rate) across all primitive Attack primitive One distinct jailbreak technique, deduplicated across all the variations people posted. The atomic unit ROGUE tracks. family Attack family One of 14 high-level categories ROGUE buckets attacks into: jailbreak, prompt injection, exfiltration, agentic-tool-abuse, weight abliteration, and so on.
// each primitive Attack primitive One distinct jailbreak technique, deduplicated across all the variations people posted. The atomic unit ROGUE tracks. CI Confidence Interval "60% [95% CI: 50–70%]" means we ran enough trials to be 95% confident the true rate is between 50% and 70%. Wider interval = less certainty; we report both honestly.