Red Team Dashboard

Adversarial testing — find weaknesses before bad actors do

Why Red-Team?

The PWM benchmark is only as trustworthy as the gates that protect it. Red-teaming means deliberately trying to break those gates. If you can bypass a gate, we need to know about it so we can fix it. Every vulnerability found makes the benchmark stronger.

Successful red-team findings are credited on the contributor leaderboard and acknowledged in published benchmark reports.

Bounty Board

Open Challenges

Each bounty targets a specific gate or system layer. Can you break it?

Gate    Challenge                                                        Difficulty        Status
R1      Create a manifest that passes R1 with missing CoreSpec fields    Medium            Open
R2      Produce non-reproducible results that still pass R2              Hard              Open
R3      Bypass SHA-256 hash verification                                 Very Hard         Open
R4      Hide budget overrun from R4 detection                            Medium            Open
Social  Inflate metrics while passing all automated gates                Easy (by design)  Documented

Attack Surface Map

A Automated Gate Bypass

  • R1 — Spec spoofing: Create a valid-looking manifest with missing or invalid CoreSpec fields
  • R2 — Seed collision: Make runs with different seeds emit identical output hashes, so a non-reproducible solver looks reproducible
  • R3 — Hash collision: Tampered artifacts that still match SHA-256 hashes
  • R4 — Budget hiding: Conceal runtime overruns (e.g., offload to external GPU)
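The R1 spec-spoofing entry above describes a manifest that looks valid but carries missing or invalid CoreSpec fields. The following is an added example, not PWM's own gate code: a presence-only check of the kind such a manifest slips past, beside a strict check that validates type, emptiness and value ranges. The field names, types and the two manifests are constructed for illustration; the real CoreSpec schema is not shown on this page.

```python
"""Weak vs. strict R1 manifest check (added example, not PWM's own code).
The field set below is a hypothetical stand-in for CoreSpec."""
from typing import Any, Dict, List

# Hypothetical required CoreSpec fields and the Python type each must have.
REQUIRED_FIELDS: Dict[str, Any] = {
    "problem_id": str,
    "modality": str,
    "seed": int,
    "runtime_budget_s": (int, float),
    "artifact_sha256": str,
}


def gate_r1_weak(manifest: Dict[str, Any]) -> bool:
    """Presence-only check: the kind of gate spec spoofing gets past.
    It accepts null, empty and wrong-typed values for every field."""
    return all(key in manifest for key in REQUIRED_FIELDS)


def gate_r1_strict(manifest: Any) -> List[str]:
    """Returns a list of findings; an empty list means the manifest passes."""
    findings: List[str] = []
    if not isinstance(manifest, dict):
        return ["manifest is not a JSON object"]
    for key, expected in REQUIRED_FIELDS.items():
        if key not in manifest:
            findings.append(f"{key}: missing")
            continue
        value = manifest[key]
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, expected):
            findings.append(f"{key}: wrong type {type(value).__name__}")
        elif isinstance(value, str) and not value.strip():
            findings.append(f"{key}: empty string")
    # Semantic checks on values that are present and well-typed.
    budget = manifest.get("runtime_budget_s")
    if isinstance(budget, (int, float)) and not isinstance(budget, bool) and budget <= 0:
        findings.append("runtime_budget_s: must be positive")
    digest = manifest.get("artifact_sha256")
    if isinstance(digest, str) and digest.strip():
        if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest.lower()):
            findings.append("artifact_sha256: not a 64-hex-char SHA-256 digest")
    # Unknown keys are rejected. In particular a submitter-controlled
    # "validated" flag is never trusted: the gate decides, not the manifest.
    for key in manifest:
        if key not in REQUIRED_FIELDS:
            findings.append(f"{key}: unexpected field (not part of CoreSpec)")
    return findings


# Constructed spoofed manifest: every required key is present, so the weak
# gate passes it, yet no field carries a usable value.
SPOOFED: Dict[str, Any] = {
    "problem_id": "   ",
    "modality": None,
    "seed": "42",
    "runtime_budget_s": -1,
    "artifact_sha256": "deadbeef",
    "validated": True,
}

# Constructed honest manifest for comparison.
HONEST: Dict[str, Any] = {
    "problem_id": "ct-recon-001",
    "modality": "ct",
    "seed": 42,
    "runtime_budget_s": 600,
    "artifact_sha256": "a" * 64,
}

if __name__ == "__main__":
    print("weak gate accepts spoof:", gate_r1_weak(SPOOFED))
    for finding in gate_r1_strict(SPOOFED):
        print("strict gate:", finding)
```

The strict check reports every defect rather than stopping at the first, which is what a reviewer triaging an R1 finding wants to see in the evidence bundle.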

S Social & Metric Gaming

  • PSNR inflation: Optimize for PSNR while destroying perceptual quality
  • Leaderboard sniping: Submit many slight variants to dominate rankings
  • Dataset overfitting: Memorize test data from public tier to cheat on dev/hidden
  • Ghost authorship: Submit others' solvers under fake identity

C Scientific Gate Evasion

  • S1 — Infinite spec: Submit a problem that cannot be finitely specified
  • S2 — Ill-posed bypass: Claim well-posedness for a fundamentally ill-posed problem
  • S3 — Convergence fake: Show false convergence proof
  • S4 — Uncomputable bound: Claim error bounds that cannot be verified

I Infrastructure Attacks

  • API abuse: Flood submission endpoints to DoS the system
  • Model injection: Submit solver with malicious payload in checkpoint
  • GCS path traversal: Attempt to access unauthorized bucket paths
  • Auth bypass: Elevate privileges from user to reviewer/admin

Reports

Recent Red-Team Reports

No red-team reports yet. Be the first to find a vulnerability!

How to Submit a Finding

Found a gate bypass or metric gaming opportunity? Report it responsibly.

  1. Reproduce the attack — document the exact steps, inputs, and outputs.
  2. Tag with [RED-TEAM] — prefix your claim title with [RED-TEAM] so it routes to the security review queue.
  3. Submit via CLI:
    pwm claim submit \
      --title "[RED-TEAM] R3 hash bypass via truncated SHA-256" \
      --method red_team \
      --gate R3 \
      --description "Describe the vulnerability and reproduction steps" \
      --evidence evidence.tar.gz
  4. Responsible disclosure — if the vulnerability is critical (e.g., allows data exfiltration), contact security@pwm.platformai.org before public disclosure.
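The truncated-SHA-256 bypass named in the sample report title above (and the R3 hash-collision entry in the attack surface map) worked through as an added example. This is not PWM's gate code: the weak verifier, the artifact bytes and the tampering are constructed for illustration. A gate that compares only the first four hex characters of the digest can be beaten with a second-preimage search costing about 16^4 hash evaluations, while a comparison of the full digest rejects the same forgery.

```python
"""Truncated vs. full SHA-256 verification (added example, not PWM's code)."""
import hashlib
import hmac
from typing import Optional

# Constructed stand-in for a solver artifact whose digest the gate checks.
ORIGINAL_ARTIFACT = b"pwm-solver-v1: weights=[0.13, 0.42, 0.77]\n"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_truncated(artifact: bytes, expected_hex: str, prefix_len: int = 4) -> bool:
    """Hypothetical weak gate: compares only the first prefix_len hex
    characters (16 bits at prefix_len=4). This is the bypassable variant."""
    return sha256_hex(artifact)[:prefix_len] == expected_hex[:prefix_len]


def verify_full(artifact: bytes, expected_hex: str) -> bool:
    """Hardened gate: recomputes the digest over the exact bytes and compares
    all 64 hex characters in constant time."""
    if len(expected_hex) != 64:
        return False
    return hmac.compare_digest(sha256_hex(artifact), expected_hex.lower())


def forge_prefix_match(original: bytes, expected_hex: str, prefix_len: int = 4,
                       max_tries: int = 1 << 24) -> Optional[bytes]:
    """Second-preimage search against the truncated prefix: tamper with the
    artifact, then append a counter until the SHA-256 prefix matches.
    Expected cost is 16 ** prefix_len attempts (about 65k at prefix_len=4)."""
    tampered_base = original.replace(b"0.42", b"9.99")  # the change to smuggle in
    target = expected_hex[:prefix_len]
    for n in range(max_tries):
        candidate = tampered_base + b"# pad %d\n" % n
        if sha256_hex(candidate)[:prefix_len] == target:
            return candidate
    return None


def demo() -> dict:
    expected = sha256_hex(ORIGINAL_ARTIFACT)
    forged = forge_prefix_match(ORIGINAL_ARTIFACT, expected)
    assert forged is not None and forged != ORIGINAL_ARTIFACT
    return {
        "weak_accepts_forgery": verify_truncated(forged, expected),
        "full_accepts_forgery": verify_full(forged, expected),
        "full_accepts_original": verify_full(ORIGINAL_ARTIFACT, expected),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

A correct R3 compares the whole 32-byte digest, computed over exactly the bytes that are later executed or evaluated; a second preimage against full SHA-256 is not feasible, so realistic findings against a hash gate are implementation weaknesses of this kind: truncated or prefix comparison, hashing a different file than the one that runs, or accepting a submitter-supplied digest without recomputing it.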

Running Adversarial Tests

Use the PWM CLI to run automated adversarial tests against your local or staging instance.

# Install the PWM CLI
pip install pwm-cli

# Run all red-team checks against a target
pwm redteam run --target https://pwm.platformai.org --suite all

# Run specific gate tests
pwm redteam run --gate R1 --attack spec-spoofing
pwm redteam run --gate R3 --attack hash-collision
pwm redteam run --gate R4 --attack budget-hiding

# Generate an adversarial dataset (PSNR-inflated reconstruction)
pwm redteam generate --attack psnr-inflation --modality ct --output adversarial.h5

# Submit red-team report
pwm redteam report --title "[RED-TEAM] Found R1 bypass" --evidence report.json

Submit a Report via Web

Prefer not to use the CLI? Submit your finding directly here.

Log in to submit a report via web form.