Practical AI Security Verification Environment "Model Security Range" Released as Open Source

MONO BRAIN Co., Ltd. has open-sourced "Model Security Range," a practical AI security verification environment. This framework enables reproducible attacks, evaluations, and recoveries against intentionally vulnerable AI applications, addressing challenges in verifying AI-specific threats like prompt injection and model poisoning. It aims to provide a common platform for AI developers, security professionals, and researchers to advance AI security implementation and operation.
Source: PR Times

Published: April 2, 2026 at 22:30
MONO BRAIN Co., Ltd. (Headquarters: Shibuya-ku, Tokyo, Representative Director: Masaki Kato) announced that it has released "Model Security Range," a practical AI security verification environment, as open source.

What is Model Security Range?

"Model Security Range" is a framework that provides reproducible attack, evaluation, and recovery procedures against intentionally vulnerable AI applications. It is built to verify, at the implementation level rather than only in theory, the attack classes that most often cause problems in real operation: prompt injection, abuse of tool privileges, and model poisoning.

■ Key Points of This Release

・Releases executable AI vulnerability scenarios as paired sets of the application itself and the attack code.

・Standardizes setup, attack execution, and recovery, enabling highly reproducible verification.

・Allows evaluation across multiple patterns such as RAG, agents, OCR, and machine learning models.

・Can be used by AI developers, security personnel, and researchers as a common verification platform.

■ Background of the Release

While the business utilization of generative AI is progressing, threats to AI systems can no longer be fully addressed by conventional web security alone.

For example, AI-specific attack surfaces are rapidly expanding: internal information leakage through prompt injection, abuse of excessive privileges when integrating external tools, and poisoning attacks targeting operational data and training processes.

However, challenges remain in the field, such as "the effectiveness of countermeasures cannot be evaluated because attacks cannot be reproduced" and "results cannot be compared because verification methods vary from person to person."

"Model Security Range" was designed to solve these practical problems. By clearly defining attack procedures and evaluation targets and providing an environment where anyone can conduct verification under the same conditions, it advances the implementation and operation of AI security.

■ Overview of Model Security Range

"Model Security Range" is structured around the following concepts:

・Prepares intentionally vulnerable applications to make clear the conditions under which an attack succeeds.

・Manages setup, execution, and recovery separately for each attack scenario.

・Provides a verification workflow that emphasizes reproducibility, transparency, and measurability.

・Can be used for continuous learning about hardening, not just one-off demonstrations.

■ Main Verification Scenarios Currently Released

1. Prompt Injection (RAG Chatbot / Gemma 3 4B)

・Confidential information leakage through injection into RAG context.

・Inducing disclosure of embedded knowledge files.

・System prompt leakage.

2. Tool Misuse (Agent with DB / Gemma 3 4B)

・Data exfiltration through abuse of over-privileged tools.

・Destructive SQL execution through command hijacking.

3. Indirect Prompt Injection (AI OCR / Gemma 3 4B)

・Indirect jailbreak induced via file upload.

4. Supply Chain Vulnerabilities (Creditworthiness Assessment / ML)

・Targeted backdoor behavior caused by poisoned training artifacts.

5. Data Poisoning (Spam Email Classification / ML)

・Degradation of classifier performance caused by abuse of the feedback loop.

■ Usage Scenarios

・Pre-release security verification of in-house AI applications.

・Joint exercises for Red Team / Blue Team.

・Developer education, hands-on training, and attack reproduction for research purposes.

・Regression confirmation after implementing countermeasures.

■ Recommended for

・Engineers developing and operating products utilizing generative AI.

・Security personnel who want to establish standard procedures for AI security evaluation.

・Researchers and students conducting empirical research on AI risks.

・Practitioners responsible for AI governance and audit compliance.

■ Before Use

This project is released for educational and verification purposes. The released scenarios intentionally contain vulnerable implementations.

Do not use it for attacking production environments or unauthorized targets. Please comply with applicable laws, organizational policies, and contract terms, and use it in a controlled environment.

■ About the AI Security Platform "MODEL SAFE"

"MODEL SAFE" is an AI security platform that centrally manages AI design, development, and operation, supporting the operation of AI in a "state that can be explained later."

It comprehensively supports technical safety, operational control, and regulatory compliance through AI supply chain visualization, change management, and runtime monitoring and control.

Companies working on establishing governance systems and visualizing risks are encouraged to contact us.

▼ Contact Us

https://modelsafe.jp/contact

▼ MODEL SAFE Service Introduction

https://modelsafe.jp/