PyRIT currently focuses primarily on prompt-level attacks against LLMs, but doesn't include pre-built scenarios for testing RAG-specific vulnerabilities, such as injecting adversarial content into a vector store to manipulate retrieval results (retrieval poisoning). Adding a dedicated test module for simulating poisoned document injection and measuring its effect on generated responses would extend PyRIT's coverage to a growing attack surface as RAG architectures become standard in enterprise AI deployments.
PyRIT currently focuses primarily on prompt-level attacks against LLMs, but doesn't include pre-built scenarios for testing RAG-specific vulnerabilities, such as injecting adversarial content into a vector store to manipulate retrieval results (retrieval poisoning). Adding a dedicated test module for simulating poisoned document injection and measuring its effect on generated responses would extend PyRIT's coverage to a growing attack surface as RAG architectures become standard in enterprise AI deployments.