feat: severity-weighted safety score and attack success rate#197
Merged
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
WalkthroughReport headline scores now weight PASS and FAIL attack results by evaluator severity in both core aggregation and the browser extension, while raw total, passed, failed, and error counts remain unweighted. ChangesSeverity-weighted scoring
Estimated code review effort: 3 (Moderate) | ~20 minutes Sequence Diagram(s)sequenceDiagram
participant EvaluatorResults
participant computeWeightedScores
participant buildUnifiedReport
EvaluatorResults->>computeWeightedScores: supply verdicts and evaluator severities
computeWeightedScores->>buildUnifiedReport: return weighted headline scores
buildUnifiedReport->>buildUnifiedReport: retain unweighted verdict counts
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Each attack's contribution to safetyScore and attackSuccessRate is now scaled by its evaluator's severity weight (critical=4, high=3, medium=2, low=1), so critical failures dominate the headline report scores. The unweighted passed/failed/errors counts are preserved for transparency. Closes #196 Co-authored-by: Cursor <cursoragent@cursor.com>
e8fef48 to
bcdf5e9
Compare
jithin23-kv
approved these changes
Jul 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The current
safetyScoreandattackSuccessRatein the report summary treat every attack with equal weight, regardless of the evaluator's severity. A FAIL on alowseverity evaluator (e.g. ambiguous helpfulness) has the same impact on the headline score as a FAIL on acriticalseverity evaluator (e.g. full PII dump), misrepresenting the actual risk posture.Solution
Introduce severity-based weights so critical failures dominate the headline scores:
Each attack's contribution to
safetyScoreandattackSuccessRateis scaled by its evaluator's severity weight. The rawtotal/passed/failed/errorscounts remain unweighted for transparency.Changes
core/src/execute/aggregate.ts— addedSEVERITY_WEIGHTSmap,severityWeight()helper, andcomputeWeightedScores()function; updatedbuildUnifiedReport()to use weighted scoresrunners/extension/popup.js— added the same severity weight logic to the browser extension's parallel score calculation inbuildReport()Issue
Closes #196
How to test
npm run build && npm test— all 159 tests pass (existingbuildUnifiedReporttest uses a single severity band, so weighted = unweighted)summary.safetyScoreandsummary.attackSuccessRatenow reflect severity weighting. When results are mixed across severity bands, critical FAILs will pull the score down more than low FAILs.Screenshots
N/A — no visual changes; the scores are computed identically, just weighted.
Made with Cursor
Summary by CodeRabbit