Capability
13 artifacts provide this capability.
Want a personalized recommendation?
Find the best match →via “robustness evaluation with adversarial examples and out-of-distribution detection”
8-dimension trustworthiness benchmark for LLMs.
Unique: Combines adversarial NLU (AdvGLUE), adversarial instruction-following (AdvInstruction), and OOD detection into a single robustness dimension. Uses deterministic metrics for reproducibility while capturing both adversarial and distributional robustness.
vs others: More comprehensive than single-adversarial-dataset benchmarks because it measures robustness to multiple perturbation types and includes OOD detection, which is critical for real-world deployment.
via “multi-level adversarial prompt attack generation”
Microsoft's unified LLM evaluation and prompt robustness benchmark.
Unique: Organizes attacks into a four-level hierarchy (character, word, sentence, semantic) with distinct perturbation strategies at each level, rather than treating all attacks uniformly. Uses attack-specific algorithms (DeepWordBug for character-level, BertAttack for word-level semantic similarity) that preserve semantic meaning while degrading performance.
vs others: More comprehensive than TextAttack because it combines multiple attack granularities in a single framework and includes semantic-level attacks, enabling evaluation of robustness across different perturbation types rather than just word-level substitutions.
via “robustness evaluation via adversarial and distribution-shifted inputs”
Stanford's holistic LLM evaluation — 42 scenarios, 7 metrics including fairness, bias, toxicity.
Unique: Embeds robustness testing into the core evaluation loop by generating multiple perturbed versions of each scenario (typos, paraphrases, out-of-distribution examples) and measuring accuracy degradation. Treats robustness as a first-class metric alongside accuracy rather than a post-hoc analysis.
vs others: More systematic than ad-hoc robustness testing because it applies consistent perturbation strategies across all 42 scenarios, enabling fair comparison of robustness profiles across models
via “evaluation-metrics-and-classifier-robustness-benchmarking”
Microsoft's dataset for implicit toxicity detection.
Unique: Provides adversarial-specific metrics (adversarial success rate) in addition to standard classification metrics, enabling direct measurement of how well classifiers resist adversarial examples. The system supports per-group evaluation, revealing whether classifiers have disparate robustness across different target groups.
vs others: More comprehensive than standard classification metrics because it includes adversarial-specific measures and per-group analysis, enabling researchers to identify both overall robustness issues and fairness disparities across demographic groups.
via “adversarial-robustness-evaluation”
image-classification model by undefined. 10,56,282 downloads.
Unique: Standard ImageNet-trained EfficientNet-B0 provides no adversarial robustness by default, but the model's efficient architecture enables fast adversarial training (2-3× faster than ResNet50 for equivalent robustness). timm's integration with PyTorch autograd allows seamless gradient-based attack implementation.
vs others: Faster to evaluate than larger models (ResNet50, ViT) due to smaller parameter count; can be adversarially trained more efficiently than dense architectures, making it suitable for resource-constrained robustness research.
via “adversarial-prompt-attack-simulation-multi-level”
PromptBench is a powerful tool designed to scrutinize and analyze the interaction of large language models with various prompts. It provides a convenient infrastructure to simulate **black-box** adversarial **prompt attacks** on the models and evaluate their performances.
Unique: Implements a hierarchical attack taxonomy (character → word → sentence → semantic) with specialized algorithms for each level, rather than a generic perturbation framework. This enables fine-grained control over attack intensity and allows researchers to isolate which linguistic levels cause model failures.
vs others: More comprehensive than simple prompt variation tools because it includes semantic-level attacks (human-crafted, CheckList, StressTest) that preserve meaning while changing form, which better reflects real-world adversarial scenarios than character-only fuzzing.
via “red teaming and adversarial test case generation”
The LLM Evaluation Framework
Unique: Implements red teaming through systematic input perturbation (typos, paraphrasing, edge cases) and robustness metrics that measure output sensitivity to adversarial conditions. Supports both automated generation and manual specification.
vs others: More systematic than ad-hoc adversarial testing and more integrated than standalone red teaming tools because it provides automated perturbation generation and robustness metrics within the evaluation framework.
via “adversarial robustness testing”
via “model-adversarial-robustness-testing”
via “model-robustness-scoring”
via “model performance under attack analysis”
via “model-robustness-assessment”
via “model-performance-and-robustness-testing”
Building an AI tool with “Adversarial Robustness Evaluation”?
Submit your artifact →curl unfragile.ai/agents.md | sh© 2026 Unfragile. The platform for software for agents.