Wrapped LLM as a garak generator

[Nakul-Rajpal]

Wrapped the Python Library LLM (for OpenAI, Anthropic’s Claude, Google’s Gemini etc) as a garak generator.

Fixes Issue #463

[Nakul-Rajpal]

@leondz Please check

[leondz]

thanks, will take a look!

[leondz]

@Nakul-Rajpal This isn't passing tests - can you amend?

[Nakul-Rajpal]

@leondz It should be good now? The tests were failing due to me not adding the llm library to the requirements so it ran without the module.

[Nakul-Rajpal]

@leondz Should be ready to go now; really sorry about the errors before I request to do another issue I should familiarize myself with the repo further.

[leondz]

Yeah, it's in the review queue, thank you

[jmartin-tech]

This looks like a great start. I noted a few edge case and a mismatch in how a system_prompt is handled.

Please take a look, happy to offer further detail or answer question about how things flow.

[jmartin-tech]

Current system prompt support in garak is tied to the conversation passed as part of prompt. The DEFAULT_PARAMS entry here should likely be removed in favor of extracting the system_prompt from the prompt via prompt.last_message("system"). That is if passing a conversation that includes the system message would not apply it.

[jmartin-tech]

Remove, the system prompt is set via the run configuration and pass to generators as part of the prompt conversation.

Suggested change

"system": None,

[jmartin-tech]

None == False and all keys defined in DEFAULT_PARAMS will exist on self.

Suggested change

	if self.max_tokens is not None:
	prompt_kwargs["max_tokens"] = self.max_tokens
	if self.temperature is not None:
	prompt_kwargs["temperature"] = self.temperature
	if self.top_p is not None:
	prompt_kwargs["top_p"] = self.top_p
	if self.stop:
	prompt_kwargs["stop"] = self.stop
	if self.max_tokens:
	prompt_kwargs["max_tokens"] = self.max_tokens
	if self.temperature:
	prompt_kwargs["temperature"] = self.temperature
	if self.top_p:
	prompt_kwargs["top_p"] = self.top_p
	if self.stop:
	prompt_kwargs["stop"] = self.stop

[jmartin-tech]

This does not grab out the full conversation. There is an existing helper function in the base class Generator._conversation_to_list() that will format the garak Conversation object as a list of dictionaries meeting the HuggingFace and OpenAI conversation list. Looking at how the llm library handles what it considers to be conversation I don't know if there is a way to load a prefilled history in a similar pattern to how chat completions APIs for other generators are working.

For best adoption, this generator should at least validate the conversation has at most one user and one system message to know if the prompt passed will be fully processed during inference.

[jmartin-tech]

temperature and max_tokens are already in Generator.DEFAULT_PARAMS is there a reason to include here?

Suggested change

	"temperature": None,
	"max_tokens": None,

[leondz]

Looks pretty good. Requests to add a pattern supporting parallelisation, some renaming, and vars ensuring test consistency

[leondz]

this might be better as lower case - that's how the tool is described

[leondz]

Can we rename self.model to self.target to be consistent with overall garak nomenclature? llm supports both systems and models so the change fits this use-case fine too

[leondz]

It's worth implementing the _load_client() / _clear_client() pattern here to support parallelisation - see openai.OpenAICompatible for an example

[leondz]

Suggested change

	# SPDX-FileCopyrightText: Portions Copyright (c) 2025 NVIDIA CORPORATION &
	# AFFILIATES. All rights reserved.
	# SPDX-FileCopyrightText: Portions Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved.

[leondz]

we should land #1199 before landing this, and then move this PR to the deferred loading pattern

[leondz]

Suggested change

	conv = Conversation([Turn("user", Message(text="ping"))])
	test_txt = "ping"
	conv = Conversation([Turn("user", Message(text=test_txt))])

[leondz]

Suggested change

	assert prompt_text == "ping"
	assert prompt_text == test_txt

[leondz]

use vars for these values (and the checks later)

[leondz]

vars here. could do a list assignment / check likex,y = 1,2 for brevity

[leondz]

nice

[jmartin-tech]

Some tweaks to ensure consistent behaviour.

Code suggestions are untested.

[jmartin-tech]

It may be best to call super().__init__() before calling _load_client() to ensure the end object state is not impacted. Also no need to call _clear_client() during __init__().

Suggested change

	self._load_client()
	super().__init__(self.name, config_root=config_root)
	self._clear_client()
	super().__init__(self.name, config_root=config_root)
	self._load_client()

[jmartin-tech]

Suggested change

	Set --model_name to the `llm` model id or alias (e.g., "gpt-4o-mini",
	Set --target_name to the `llm` model id or alias (e.g., "gpt-4o-mini",

[jmartin-tech]

Unsupported prompts in _call_model() are currently expected to return None to avoid early termination of the test run. While I understand the thought process of using raise here, currently logging the reason for skipping the prompt would align better.

import logging

Suggested change

	if assistant_turns:
	raise ValueError("llm generator does not accept assistant turns")
	if len(system_turns) > 1:
	raise ValueError("llm generator supports at most one system turn")
	if len(user_turns) != 1:
	raise ValueError("llm generator requires exactly one user turn")
	if assistant_turns:
	logging.debug("llm generator does not accept assistant turns")
	return [None] * generations_this_call
	if len(system_turns) > 1:
	logging.debug("llm generator supports at most one system turn")
	return [None] * generations_this_call
	if len(user_turns) != 1:
	logging.debug("llm generator requires exactly one user turn")
	return [None] * generations_this_call

[jmartin-tech]

Could this inspect the accepted arguments to self.target.prompt() vs a hard coded list here? Something similar exists in the OpenAICompatible class, where we collect all options set on the generator that the target API accepts.