I built a red-team test suite that fires adversarial prompts at an LLM-backed

API and decides, for each reply, whether a guardrail actually broke. It is the

project where I stopped writing tests that answer "did the model refuse?" and

started writing tests that answer a much harder question: "did anything bad

actually happen?"