// SkillTotal // offensive playground
AI Security Labs
Interactive, in-browser simulations of real attacks on AI components. Pull off the exploit, then read exactly why it works and how to defend.
visitor@skilltotal:~$ ls ./labs
10 deterministic attack simulations · runs in your browser · no login.
select a target below — pull off the exploit, then read the dossier.
[01]
prompt-injection
Beat a keyword guard and make a support agent leak its API key.
./enter →
[02]
indirect-prompt-injection
Hide a directive in untrusted page content the agent reads.
./enter →
[03]
secret-exfiltration
Slip a secret past DLP by exfiltrating it through an allowlisted domain.
./enter →
[04]
mcp-tool-poisoning
Poison an MCP tool description to hijack a victim agent.
./enter →
[05]
typosquatting
Squat a name one typo from a popular package so an agent installs yours.
./enter →
[06]
command-injection
Smuggle a shell metacharacter past a tool's argument sanitizer for RCE.
./enter →
[07]
agent-hijacking
Poison a tool's output so the agent fires a privileged action unbidden.
./enter →
[08]
rag-poisoning
Plant a directive in a knowledge-base doc a benign query retrieves.
./enter →
[09]
malicious-mcp-server
Ship an MCP server that shadows a trusted tool or rug-pulls after approval.
./enter →
[10]
unsafe-deserialization
Forge a model artifact that executes code on load via pickle or YAML deserialization.
./enter →
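To make the command-injection entry ([06]) concrete before you enter the lab, here is an added example that is not part of the labs or of SkillTotal's own code: a hypothetical tool wrapper whose blocklist sanitizer strips a few metacharacters, the `$(...)` substitution it never checks for, and two hardened variants (quote for the shell, or avoid the shell entirely and allowlist the argument). The function names, the blocklist and the payload are constructed for illustration; the example runs offline against /bin/sh.

```python
import re
import shlex
import subprocess

# Constructed blocklist sanitizer of the kind a naive tool wrapper ships:
# it strips a handful of well-known separators and nothing else.
BLOCKED = ";&|`<>"


def naive_sanitize(arg: str) -> str:
    """Remove blocklisted characters; $(...) and newlines pass straight through."""
    return "".join(ch for ch in arg if ch not in BLOCKED)


def vulnerable_run(arg: str) -> str:
    """Vulnerable wrapper: interpolates the 'sanitized' argument into a shell string."""
    cmd = f"echo {naive_sanitize(arg)}"
    return subprocess.run(
        cmd, shell=True, capture_output=True, text=True, check=True
    ).stdout


def quoted_run(arg: str) -> str:
    """Hardened variant 1: if a shell is unavoidable, quote the whole argument.

    shlex.quote wraps the value in single quotes, so the shell treats $(...),
    backticks and separators as literal text rather than syntax.
    """
    cmd = f"echo {shlex.quote(arg)}"
    return subprocess.run(
        cmd, shell=True, capture_output=True, text=True, check=True
    ).stdout


# Hypothetical allowlist for this tool's argument: a short identifier only.
SAFE_ARG = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def hardened_run(arg: str) -> str:
    """Hardened variant 2: no shell at all, plus a strict allowlist on the value."""
    if not SAFE_ARG.fullmatch(arg):
        raise ValueError(f"rejected argument: {arg!r}")
    # argv list with shell=False: the argument reaches echo as a single word,
    # so no interpreter ever parses it.
    return subprocess.run(
        ["echo", arg], capture_output=True, text=True, check=True
    ).stdout


if __name__ == "__main__":
    payload = "hello$(echo injected)"  # constructed bypass: none of BLOCKED appears in it
    print("sanitizer output :", naive_sanitize(payload))
    print("vulnerable_run   :", vulnerable_run(payload).rstrip())   # helloinjected
    print("quoted_run       :", quoted_run(payload).rstrip())       # hello$(echo injected)
    try:
        hardened_run(payload)
    except ValueError as exc:
        print("hardened_run     :", exc)
```

The lesson the lab's dossier spells out is visible in the three return values: the blocklist removes `;` but leaves `$(...)` intact, so the vulnerable wrapper hands the shell an expression to evaluate; quoting neutralises it, and dropping the shell removes the parser that made the metacharacter meaningful in the first place.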