{"data":{"slug":"nvidia-garak","name":"garak","tagline":"the LLM vulnerability scanner","github_url":"https://github.com/NVIDIA/garak","owner":"NVIDIA","repo":"garak","owner_avatar_url":"https://avatars.githubusercontent.com/u/1728152?v=4","primary_language":"Python","stars":8400,"forks":1079,"topics":["ai","llm-evaluation","llm-security","security-scanners","vulnerability-assessment"],"archived":false,"github_pushed_at":"2026-07-10T19:53:27+00:00","maintenance_label":"Very active","url":"https://www.graphcanon.com/tools/nvidia-garak","markdown_url":"https://www.graphcanon.com/tools/nvidia-garak.md","api_url":"https://www.graphcanon.com/api/graphcanon/tools/nvidia-garak","graph_url":"https://www.graphcanon.com/api/graphcanon/graph?tool=nvidia-garak","description":"the LLM vulnerability scanner","homepage_url":"https://discord.gg/uVch4puUCs","license":"Apache-2.0","open_issues":367,"watchers":55,"ai_summary":null,"readme_excerpt":"## Install:\n\n`garak` is a command-line tool. It's developed in Linux and OSX.\n\n---\n\n### Standard install with `pip`\n\nJust grab it from PyPI and you should be good to go:\n\n```\npython -m pip install -U garak\n```\n\n---\n\n### Install development version with `pip`\n\nThe standard pip version of `garak` is updated periodically. To get a fresher version from GitHub, try:\n\n```\npython -m pip install -U git+https://github.com/NVIDIA/garak.git@main\n```\n\n---\n\n## Getting started\n\nThe general syntax is:\n\n`garak <options>`\n\n`garak` needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. You can see a list of probes using:\n\n`garak --list_probes`\n\nTo specify a generator, use the `--target_type` and, optionally, the `--target_name` options. Model type specifies a model family/interface; model name specifies the exact model to be used. The \"Intro to generators\" section below describes some of the generators supported. A straightforward generator family is Hugging Face models; to load one of these, set `--target_type` to `huggingface` and `--target_name` to the model's name on Hub (e.g. `\"RWKV/rwkv-4-169m-pile\"`). Some generators might need an API key to be set as an environment variable, and they'll let you know if they need that.\n\n`garak` runs all the probes by default, but you can be specific about that too. `--probes promptinject` will use only the [PromptInject](https://github.com/agencyenterprise/promptinject) framework's methods, for example. You can also specify one specific plugin instead of a plugin family by adding the plugin name after a `.`; for example, `--probes lmrc.SlurUsage` will use an implementation of checking for models generating slurs based on the [Language Model Risk Cards](https://arxiv.org/abs/2303.18190) framework.\n\nFor help and inspiration, find us on [Twitter](https://twitter.com/garak_llm) or [discord](https://discord.gg/uVch4puUCs)!","github_created_at":"2023-05-10T18:52:16+00:00","created_at":"2026-07-11T11:59:11.993064+00:00","updated_at":"2026-07-11T23:42:41.049158+00:00","categories":[{"slug":"evaluation-observability","name":"Evaluation & Observability","url":"https://www.graphcanon.com/categories/evaluation-observability","markdown_url":"https://www.graphcanon.com/categories/evaluation-observability.md","api_url":"https://www.graphcanon.com/api/graphcanon/categories/evaluation-observability"},{"slug":"llm-frameworks","name":"LLM Frameworks","url":"https://www.graphcanon.com/categories/llm-frameworks","markdown_url":"https://www.graphcanon.com/categories/llm-frameworks.md","api_url":"https://www.graphcanon.com/api/graphcanon/categories/llm-frameworks"},{"slug":"vector-databases","name":"Vector Databases","url":"https://www.graphcanon.com/categories/vector-databases","markdown_url":"https://www.graphcanon.com/categories/vector-databases.md","api_url":"https://www.graphcanon.com/api/graphcanon/categories/vector-databases"}],"tags":[{"slug":"ai","name":"ai"},{"slug":"llm-evaluation","name":"llm-evaluation"},{"slug":"llm-security","name":"llm-security"},{"slug":"python","name":"python"},{"slug":"security-scanners","name":"security-scanners"},{"slug":"vulnerability-assessment","name":"vulnerability-assessment"}],"trust":{"provenance":{"is_fork":false,"github_id":639097338,"owner_type":"Organization","methodology":"github_public_v1","parent_repo":null,"near_duplicate_slugs":[]},"computed_at":"2026-07-11T23:42:37.803Z","maintenance":{"label":"Very active","score":96,"methodology":"github_public_v1","releases_90d":2,"days_since_push":1,"last_release_at":"2026-06-05T17:24:50Z"},"security_summary":{"status":"findings","scanner":"osv@v1","low_count":54,"high_count":0,"last_scan_at":"2026-07-11T23:42:38.356Z","medium_count":0,"scan_profile":"deps","critical_count":0}},"capability_facts":{"scan":{"source":"repo_scan","observed_at":"2026-07-11T23:42:37.526Z"},"has_cli":{"value":true,"source":"pyproject.toml:[project.scripts]","observed_at":"2026-07-11T23:42:37.526Z"},"languages":{"value":["python"],"source":"github.language+pyproject.toml","observed_at":"2026-07-11T23:42:37.526Z"},"license_spdx":{"value":"Apache-2.0","source":"github.license","observed_at":"2026-07-11T23:42:37.526Z"}}}}