Developer path

Try K² adversarial context in 10 minutes

Load the public adversarial corpora bundle, connect the K² MCP server to an existing generator, and inspect a cited evaluation plan before any adversarial input is generated.

Quickstart steps

Commands are illustrative until the public repo is published and the pipeline schema is finalized.

1. Clone and inspect the public bundle

The bundle contains public threat-pattern records, example policy scope, a synthetic target profile, past findings, and MCP examples.

git clone https://github.com/knowledge2-ai/k2-adversarial-context-demo.git

2. Load the adversarial corpora into K²

Use a K² project and keep credentials in environment variables or a local ignored file. Public examples use placeholders only.

export K2_API_KEY="<your-k2-api-key>"
export K2_API_HOST="https://api.knowledge2.ai"
python scripts/load_adversarial_demo_k2.py --execute

3. Connect your generator over MCP

The quickstart uses PyRIT as a vendor-neutral open-source example, but any MCP-capable harness can call the same plan endpoint.

docs/customer-demos/demo-adversarial-context/k2-assets/examples/mcp-config.example.json

4. Call get_evaluation_plan

Ask K² for a plan scoped to the synthetic SupportBot target, text-plus-image modalities, and staging environment.

get_evaluation_plan(
  target_id="target-supportbot-v2.3",
  modalities=["text", "image"],
  environment="staging"
)

5. Verify lineage survives handoff

Run one cited plan entry through your generator and confirm the threat, policy, target, and finding references remain attached downstream.

python scripts/pyrit_plan_smoke.py --plan-id seed-0142-regression --dry-run

MCP config snippets

All examples point at the same plan-only K² boundary. Keep live credentials out of committed files.

Generic MCP client (stdio MCP)
{
  "mcpServers": {
    "k2-adversarial-context": {
      "command": "python",
      "args": ["scripts/k2_adversarial_mcp_server.py"],
      "env": {
        "K2_API_KEY": "${K2_API_KEY}",
        "K2_API_HOST": "https://api.knowledge2.ai",
        "K2_PROJECT_ID": "${K2_PROJECT_ID}"
      }
    }
  }
}

Codex (stdio MCP)
[mcp_servers.k2-adversarial-context]
command = "python"
args = ["scripts/k2_adversarial_mcp_server.py"]
env_vars = [
  "K2_API_KEY",
  "K2_API_HOST",
  "K2_PROJECT_ID",
  "K2_ADV_THREATS_CORPUS_ID",
  "K2_ADV_POLICY_CORPUS_ID",
  "K2_ADV_TARGET_CORPUS_ID",
  "K2_ADV_FINDINGS_CORPUS_ID"
]

PyRIT handoff shape (stdio MCP)
plan = k2.get_evaluation_plan(
    target_id="target-supportbot-v2.3",
    modalities=["text", "image"],
    environment="staging",
)
# PyRIT or your harness owns prompt generation, execution, and scoring.

Expected response

The first query should return scoped, cited plan context, not generated adversarial prompts.

Successful shape

  • A target profile for SupportBot v2.3 with accepted modalities and tools.
  • Threat-pattern candidates filtered by modality and target model class.
  • Policy verdicts that mark in-scope, out-of-bounds, and review-required entries.
  • Plan lines with threat, policy, target, and past-finding citations.

What to watch for

  • Generated jailbreak prompts at this stage cross the K² boundary.
  • Plan lines without policy citations are not ready for reviewer handoff.
  • Target-irrelevant modalities should be filtered before generation.
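Step 5 and the two lists above say what a returned plan must carry (threat, policy, target and past-finding citations), what must not be in it (generated prompts) and what should be filtered (modalities the target does not accept), but the page gives no checker for any of that. The Python below is an added example, not code from the K² project or the demo repo; it runs those checks over a constructed sample response. Because the pipeline schema is not finalized, the field names (plan_lines, citations, policy_verdict, modality, and the keys treated as generated content) are assumptions, and the identifiers other than target-supportbot-v2.3 and seed-0142-regression are made up for the sample.

```python
"""Plan-boundary and lineage checks for a get_evaluation_plan response.

Added example, not K² project code. The response shape is an ASSUMPTION for
illustration: "plan_lines", "citations", "policy_verdict" and "modality" are
placeholder field names, not the finalized K² schema.
"""

# A plan line is ready for reviewer handoff only with these citations attached.
REQUIRED_CITATIONS = ("threat", "policy", "target")
# Keys whose presence would mean generated adversarial content crossed the
# plan-only boundary (assumed names; the real schema may differ).
GENERATED_CONTENT_KEYS = ("prompt", "prompts", "payload")
# Only lines the policy check marked in-scope go to the generator unreviewed.
HANDOFF_VERDICT = "in_scope"


def check_plan(plan: dict) -> dict:
    """Classify each plan line as ready, not_ready (with reasons) or a boundary violation."""
    accepted = set(plan["target"]["modalities"])
    report = {"ready": [], "not_ready": {}, "boundary_violations": []}
    for line in plan["plan_lines"]:
        line_id = line["id"]
        # Generated content in the plan is a hard stop, not a readiness issue.
        if any(key in line for key in GENERATED_CONTENT_KEYS):
            report["boundary_violations"].append(line_id)
            continue
        reasons = []
        if line.get("modality") not in accepted:
            reasons.append(f"modality {line.get('modality')!r} not accepted by target")
        cites = line.get("citations", {})
        for key in REQUIRED_CITATIONS:
            if not cites.get(key):
                reasons.append(f"missing {key} citation")
        if line.get("policy_verdict") != HANDOFF_VERDICT:
            reasons.append(f"policy verdict {line.get('policy_verdict')!r} requires review")
        if reasons:
            report["not_ready"][line_id] = reasons
        else:
            report["ready"].append(line_id)
    return report


def lineage_preserved(plan_line: dict, downstream: dict) -> list:
    """Return citation keys that were dropped or altered after handoff to the generator."""
    upstream = plan_line.get("citations", {})
    after = downstream.get("citations", {})
    return sorted(key for key, value in upstream.items() if after.get(key) != value)


# Constructed sample response; ids other than the target and the first plan
# line are invented for the example.
SAMPLE_PLAN = {
    "target": {"id": "target-supportbot-v2.3", "modalities": ["text", "image"]},
    "plan_lines": [
        {"id": "seed-0142-regression", "modality": "text", "policy_verdict": "in_scope",
         "citations": {"threat": "thr-0042", "policy": "pol-07",
                       "target": "target-supportbot-v2.3", "findings": ["fnd-2024-11"]}},
        {"id": "seed-0143", "modality": "image", "policy_verdict": "review_required",
         "citations": {"threat": "thr-0051", "policy": "",
                       "target": "target-supportbot-v2.3", "findings": []}},
        {"id": "seed-0144", "modality": "audio", "policy_verdict": "in_scope",
         "citations": {"threat": "thr-0060", "policy": "pol-07",
                       "target": "target-supportbot-v2.3", "findings": []}},
        {"id": "seed-0145", "modality": "text", "policy_verdict": "in_scope",
         "prompt": "<generated text that should not be here>",
         "citations": {"threat": "thr-0061", "policy": "pol-07",
                       "target": "target-supportbot-v2.3", "findings": []}},
    ],
}

# Constructed record of what the generator kept after handoff: the past-finding
# reference was dropped, which the lineage check must surface.
SAMPLE_DOWNSTREAM = {
    "plan_id": "seed-0142-regression",
    "citations": {"threat": "thr-0042", "policy": "pol-07",
                  "target": "target-supportbot-v2.3"},
}

if __name__ == "__main__":
    report = check_plan(SAMPLE_PLAN)
    print("ready:", report["ready"])
    print("not ready:", report["not_ready"])
    print("boundary violations:", report["boundary_violations"])
    print("dropped after handoff:", lineage_preserved(SAMPLE_PLAN["plan_lines"][0], SAMPLE_DOWNSTREAM))
```

On the sample, only seed-0142-regression is ready; seed-0143 fails for an empty policy citation and a review-required verdict, seed-0144 for an audio modality the target does not accept, and seed-0145 is a boundary violation because a generated prompt came back with the plan. The lineage check against the downstream record reports that findings was dropped, which is the failure the smoke test in step 5 is meant to catch.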

Next steps

Once the cited plan works, the useful question is how it maps to your current red-team process.

  • Replace the synthetic target profile with one production target you already red-team.
  • Freeze 10 to 20 evaluation plans before running a pilot.
  • Keep your existing generator, scorer, guardrails, and GRC workflow unchanged.