Read this short guide to learn how to test your AI models with NVIDIA's open-source tool, Garak. Build safer, more trustworthy AI systems you can deploy with confidence.

Learn More

How It Works

Teams use tools like Garak to test their AI-powered applications before shipping updates. These tools help detect unsafe AI models and apps before they ever reach users, a protective security layer of product development.


You can see Garak in action with a few minutes of setup. Choose a path to start:

Use Existing API Endpoint (Fastest)

Test your deployed models directly via API integration

Jump to API Testing

Run Locally on Your Machine

Follow the steps below to run Google's open-source model, Gemma, on NVIDIA's testing framework, Garak

Select your operating system:

1

Install Ollama

Visit https://ollama.com/
Download and install from your browser, then restart terminal
Installing...

Easy Installation

Ollama is a free tool that runs AI models locally on your computer

2

Download Test Model

Terminal Command:
ollama pull gemma3:4b
Downloads a free AI model

Model Download

Secure, verified AI model from Google

3

Setup Python and pip

Note:
Skip this step if you already have Python and pip installed
If you see version numbers, you can skip to the next step
Install Homebrew (Mac):
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
Homebrew is a package manager for macOS that makes installing software easy
Install Python (Mac):
brew install python
Installs Python 3 and pip automatically
Install Python (Linux):
sudo apt update && sudo apt install python3 python3-pip python3-venv
For other distributions: Fedora/RHEL: sudo dnf install python3 python3-pip python3-venv, Arch: sudo pacman -S python python-pip python-virtualenv
Install Python (Windows):
Download from https://www.python.org/downloads/ and run the installer
Download the latest Python 3 version
def
import
pip
🐍
📦

Python Setup

Install Python (the programming language that powers most AI tools) and pip (installs Python packages). Garak is written in Python, so we need these to run the security tests on your AI model.

4

Setup Python Environment & Install Dependencies

Create Environment:
python3 -m venv garak-env
Creates isolated Python environment (required on macOS)
Activate Environment:
source garak-env/bin/activate
Activates the virtual environment
Install Garak:
pip install garak
Installs Garak and all required packages (takes several minutes)

Virtual Environment

Creates a separate Python workspace that won't interfere with other projects on your computer. This keeps Garak's dependencies organized and prevents conflicts with your existing software.

5

Verify Setup

Check Ollama:
ps aux | grep ollama
Verify Ollama service is running
Test Model:
ollama run gemma3:4b "Hello"
Ensure model responds correctly

System Verification

Confirm all components are working before testing

6

Run Security Tests

Quick Test (Jailbreak):
python3 -m garak --target_type ollama -n gemma3:4b -p dan.DAN_Jailbreak -d dan.DAN --generations 1
Quick jailbreak vulnerability test
Comprehensive Test (All Probes):
python3 -m garak --target_type ollama -n gemma3:4b --config broad
Runs all active probes for comprehensive security testing (5-10 minutes)
Full Test (Extended):
python3 -m garak --target_type ollama -n gemma3:4b --config full
Extended testing with multiple payloads and variations
List All Available Tests:
python3 -m garak --list_probes
Shows all available vulnerability probes you can run
Safe
Warning
Vulnerable

Comprehensive Scanning

35+ security tests across multiple attack vectors

API Integration Testing

Test your deployed models via API integration before releasing updates to your customers. Ensure your production systems remain secure.

Test Your Custom AI Models

Secure your deployed models with two simple commands using NVIDIA's free, open-source Garak framework.

3
Simple Steps
35+
Security Tests
Free
Open Source

Three-Step Security Testing

Test your custom API endpoints with these ready-to-use commands

1

Quick Security Test

Run a fundamental jailbreak vulnerability test on your custom API endpoint

# Quick jailbreak test
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" -p dan.DAN_Jailbreak -d dan.DAN --generations 1
2

Comprehensive Security Test

Run all available security probes for thorough vulnerability assessment

# Comprehensive testing with all probes
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" --config broad
3

Production Security Test

Test with custom headers and authentication for production-ready security

# With custom headers and authentication
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" --config broad --rest_headers '{"Authorization": "Bearer your-token", "X-Custom-Header": "value"}'

Command Center

Ready-to-deploy security testing commands for your production models

# Quick jailbreak test
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" -p dan.DAN_Jailbreak -d dan.DAN --generations 1

# Comprehensive security testing
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" --config broad

# Extended testing with multiple payloads
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" --config full

# With custom headers and authentication
python -m garak -m rest -n "https://your-api.com/v1/chat/completions" --config broad --rest_headers '{"Authorization": "Bearer your-token", "X-Custom-Header": "value"}'

# List all available security tests
python -m garak --list_probes
# Set your OpenAI API key
export OPENAI_API_KEY="your-api-key-here"

# Quick jailbreak test
python -m garak -m openai -n gpt-4 -p dan.DAN_Jailbreak -d dan.DAN --generations 1

# Comprehensive security testing
python -m garak -m openai -n gpt-4 --config broad

# Extended testing with multiple payloads
python -m garak -m openai -n gpt-4 --config full

# Test specific vulnerability categories
python -m garak -m openai -n gpt-4 -p promptinject,encoding,leakreplay --generations 2

# List all available security tests
python -m garak --list_probes
# Set your Anthropic API key
export ANTHROPIC_API_KEY="your-api-key-here"

# Quick jailbreak test
python -m garak -m anthropic -n claude-3-sonnet -p dan.DAN_Jailbreak -d dan.DAN --generations 1

# Comprehensive security testing
python -m garak -m anthropic -n claude-3-sonnet --config broad

# Extended testing with multiple payloads
python -m garak -m anthropic -n claude-3-sonnet --config full

# Test specific vulnerability categories
python -m garak -m anthropic -n claude-3-sonnet -p promptinject,encoding,leakreplay --generations 2

# List all available security tests
python -m garak --list_probes

Vulnerability Scanning

Garak probes your models for real-world attack scenarios across multiple vulnerability categories. Choose the right testing approach for your needs.

Quick Test

1-2 minutes

Run a single jailbreak test to quickly verify basic security.

python -m garak --target_type ollama -n gemma3:4b -p dan.DAN_Jailbreak -d dan.DAN --generations 1

Broad Test

5-10 minutes

Run all active probes once each for comprehensive security coverage.

python -m garak --target_type ollama -n gemma3:4b --config broad

Full Test

15-30 minutes

Extended testing with multiple payloads, variations, and comprehensive coverage.

python -m garak --target_type ollama -n gemma3:4b --config full

Custom Test

Variable

Test specific vulnerability categories or create your own test combinations.

python -m garak --target_type ollama -n gemma3:4b -p promptinject,encoding,leakreplay --generations 2

Vulnerability Categories Tested

Jailbreak Attacks

Tests if your model can be tricked into ignoring safety constraints and generating harmful content through various attack techniques.

Probes: dan, promptinject, grandma

Prompt Injection

Attempts to manipulate your model's behavior through carefully crafted input prompts and encoding techniques.

Probes: promptinject, encoding, latentinjection

Data Leakage

Checks if your model accidentally reveals sensitive training data, internal information, or system prompts.

Probes: leakreplay, continuation, donotanswer

Content Safety

Evaluates your model's ability to avoid generating toxic, harmful, or inappropriate content across various contexts.

Probes: realtoxicityprompts, lmrc, atkgen

Malware Generation

Tests whether your model can be prompted to generate malicious code, scripts, or other harmful software.

Probes: malwaregen, exploitation

System Manipulation

Checks for vulnerabilities that could allow manipulation of system behavior, file access, or security boundaries.

Probes: xss, fileformats, packagehallucination

Run python -m garak --list_probes to see all available tests