Skip to content

OpenAI Adapter Break Attempts — Submit Bypass Reproductions #1

Open
Open
OpenAI Adapter Break Attempts — Submit Bypass Reproductions#1
@Sdvegas21

Description

@Sdvegas21
Sdvegas21
opened on Feb 27, 2026

Goal

Describe the bypass attempt clearly. Focus on reproducibility, not speculation.

Attack Category

  • RAG injection / indirect prompt injection
  • Obfuscation / taint laundering
  • Tool routing confusion
  • Execution-token boundary bypass
  • Principal isolation issue
  • Other:

Reproduction Commands

Paste exact commands used:

# Example baseline checks
python examples/agent_testbed.py --scenario rag_injection
python examples/agent_testbed.py --scenario taint_laundering
python examples/agent_testbed.py --scenario benign

# OpenAI deep integration check
pytest -q tests/test_openai_deep_integration.py

Payload / Input

# Paste exact prompt/tool payload/model output

Expected Behavior

  • What should MVAR have done?

Actual Behavior

  • What happened instead?

Evidence

  • Policy outcome and reason captured
  • Evaluation trace captured (policy_hash, integrity, sink risk, QSEAL fields)
  • If Docker path used, smoke output included
# Paste relevant logs/traces

Environment

  • Commit SHA:
  • OS:
  • Python version:
  • Install method: source / wheel / docker
  • Adapter path: OpenAI wrapper / OpenAI responses runtime

Impact

  • False allow (security risk)
  • False block (usability risk)
  • Invariant mismatch
  • Other:

Optional PR

  • I can submit a failing test case (preferred)
  • I can submit a fix

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions