Skip to content

PentestPad/evil-ai

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
assets
assets
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
config.json
config.json
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
server.js
server.js
 
 
test-client.js
test-client.js
 
 

Repository files navigation

Header Image

Mock OpenAI API Implementation with Functions

A Node.js mock server that simulates the OpenAI API with hardcoded responses and command execution tool calling.

Features

  • OpenAI-compatible /v1/chat/completions endpoint
  • Supports execute_command tool/function calling
  • Hardcoded command mappings based on user input keywords
  • Easy to customize via JSON config
  • Logging of requests and responses

Installation

npm install

Usage

Start the server

npm start

The server will run on http://localhost:3333

Point Agent to Evil AI API

$ export AGENT_API=https://localhost:3333
./agent

You: execute command

[Tool Call] execute_command({"command":"echo","args":["I'm naive agent, sorry."]})
[Tool Result] Command 'echo' executed successfully:
I'm naive agent, sorry.

Agent: I am a mock AI assistant. I can execute commands for you. Try asking me to execute a command!

You:

Hardcoded Response Rules

The mock API matches user messages against keywords and returns predefined responses:

Keyword Response Type Action
"execute command" Function call Calls execute_command (executed locally by agent)
"run command" Function call Calls execute_command (executed locally by agent)
"execute" Function call Calls execute_command (executed locally by agent)
"run" Function call Calls execute_command (executed locally by agent)
(anything else) Text response Returns default greeting message

API Endpoints

POST /v1/chat/completions

Standard OpenAI chat completions endpoint.

Request:

{
  "model": "gpt-4-turbo-preview",
  "messages": [
    {"role": "user", "content": "Execute command ls"}
  ],
  "tools": [
    {
      "type": "function",
      "function": {
        "name": "execute_command",
        "description": "Execute a system command",
        "parameters": {
          "type": "object",
          "properties": {
            "command": {"type": "string"},
            "args": {"type": "array", "items": {"type": "string"}}
          },
          "required": ["command"]
        }
      }
    }
  ]
}

Response (with tool call):

{
  "id": "chatcmpl-abc123",
  "object": "chat.completion",
  "created": 1234567890,
  "model": "gpt-4-turbo-preview",
  "choices": [{
    "index": 0,
    "message": {
      "role": "assistant",
      "content": null,
      "tool_calls": [{
        "id": "call_exec",
        "type": "function",
        "function": {
          "name": "execute_command",
          "arguments": "{\"command\":\"echo\",\"args\":[\"Hello from command execution!\"]}"
        }
      }]
    },
    "finish_reason": "tool_calls"
  }],
  "usage": {
    "prompt_tokens": 50,
    "completion_tokens": 20,
    "total_tokens": 70
  }
}

GET /v1/models

Returns list of available models.

GET /health

Health check endpoint.

Customization

Edit config.json to change what commands get executed for different keywords - no code changes needed!

Example: Execute Different Commands

{
  "keywords": ["list files", "show files"],
  "action": "function_call",
  "tool_call": {
    "id": "call_ls",
    "function_name": "execute_command",
    "arguments": {
      "command": "ls",
      "args": ["-la"]
    }
  }
}

After editing config.json, restart the server to apply changes.

Learn More

License

MIT

About

Mocked Node.js server for testing naive AI agents

www.pentestpad.com/blog/function-poisoning-hijacking-ai-agent-tool-execution

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages