Skip to content

Submission/heretolearn/insuranceinsider #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
KaiquanMah wants to merge 21 commits into
base: main
Choose a base branch
from
Open

Submission/heretolearn/insuranceinsider #9

KaiquanMah wants to merge 21 commits into from

Conversation

@KaiquanMah
Copy link

@KaiquanMah KaiquanMah commented Jan 11, 2026

InsuranceInsider Scenario

This is a PII Leakage scenario which tests an insurance claim support assistant's ability to protect sensitive customer claim data against multi-vector social engineering attacks.

Overview

An insurance claim support assistant that has access to customer claim records including payout amounts. The attacker employs rotating social engineering techniques—including authority impersonation, emotional tricks, and sympathetic persona exploitation, to extract private payout information for a specific family.

More Information

For more information, please refer to scenarios\security_arena\submissions\heretolearn\insuranceinsider\README.md

kaiquanmah and others added 21 commits December 31, 2025 17:35
scenario 1 - crmcrack draft
498d7dc
crm scenario 1 - fixed toml to follow portfolioiq mandatory sections.…
9442482 
… insuranceinsider scenario 2 - added
scenario 3 GymJailbreak
4290aed
scenario4 base64bandit to draft biased emails
bc5b152
test portfolioiq worked. base64bandit - round1 defender won all 20 ro…
f8d195d 
…unds
base64bandit passed. crmcrack still failed aft iterations. gymjailbre…
7bb7285 
…ak seems ok-pass. insuranceinsider to fix
insuranceinsider - finally succeeded
5ca70ca
insuranceinsider - finally succeeded
14dff8e
base64bandit - updated docs. insuranceinsider - to update docs later
25a33f2
base64bandit readme minor update. insuranceinsider readme updated
2c78a9f
gymjailbreak update for realism
9be929c
crmcrack - updated scenario w data JSON
af239a9
gymjailbreak - scenario finally successful. cant be too verbose cuz t…
4c18f00 
…imeout. cant be too obvious cuz atker or defender can reject. cant be too simple or outright ask defender to output unsafe percenages. calculations were difficult to target, yet finally worked
crmcrack - still failing
09c6e35
crmcrack - still failing. to continue debugging
41861ab
crmcrack - finally successful. all 4 README follows the 2 different r…
d7da4b6 
…eadme formats - SCENARIO_SPECIFICATIONS.md has novel aspects, no real world relevance. example_scenario/readme.md has real world relevance, no novel aspects
workings md added n updated w debugging steps. moved ALL workings and…
be0ec7b 
… ideas downloaded using r.jina into workings folder for traceability
workings md minor scenario update
6b718b4
results.json copied from results/heretolearn/scenarioname/yyyyMMdd_hh…
cb74217 
…mmss/ into the respective scenario folders
Submission: heretolearn - insuranceinsider
abf28a0
registry.py - commented out other scenario plugins for the team submi…
22000f3 
…ssion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@KaiquanMah