Understanding Results
How to read scan results: health score, vulnerability status, findings, and recommendations.
After a scan completes, the results page shows a comprehensive security assessment. This page explains each section.
Health Score
The health score is a number from 0 to 100. Higher means more secure.
- 90–100: Secure. Your prompt resisted most attacks.
- 70–89: Low risk. Minor improvements recommended.
- 50–69: Medium risk. Several vulnerabilities detected.
- 30–49: High risk. Significant hardening needed.
- 0–29: Critical. Immediate remediation required.
For Full scans, the score is the average of extraction and injection scores. See Scoring for details.
Vulnerability Status
The vulnerability level summarizes the worst finding:
| Status | Meaning |
|---|---|
| Secure | No significant vulnerabilities detected |
| Low | Minor issues; prompt is largely resilient |
| Medium | Moderate exposure; hardening recommended |
| High | Serious exposure; prompt can be compromised |
| Critical | Severe exposure; full extraction or injection |
The status is derived from leak severity (extraction) or injection success rate (injection). For Full scans, the worst of the two is shown.
Findings List
The findings section lists each successful extraction or injection. Each finding includes:
- Extracted content or injected instruction: What the attacker obtained or achieved
- Technique: The attack category used (e.g., direct, persona, crescendo)
- Severity: critical, high, medium, or low
- Confidence: How certain the evaluator is (high, medium, low)
- Evidence: The model response that indicates success
Findings are ordered by severity. Address critical and high findings first.
Injection Results
For injection and Full scans, a separate injection results block shows:
- Succeeded: Probes where the model followed the injected instruction
- Blocked: Probes where the model resisted
- Partial: Probes with partial compliance
Each succeeded or partial result shows the technique, injected instruction, expected behavior, and actual response. Use these to tailor hardening rules.
Recommendations
The report includes recommendations based on successful attack vectors. These are specific to the categories that succeeded (e.g., persona anchoring for persona attacks, instruction hierarchy for technical attacks). Apply them to your prompt and re-scan to verify.
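One way to script the "re-scan to verify" step, as an added example that is not part of the product or its documentation: it applies this page's rules (Full-scan averaging, score bands, severity ordering) to a baseline scan and the re-scan of the hardened prompt. The dictionary field names and both sample scans are constructed assumptions, not the scanner's export format.

```python
# Added example. Field names and sample scans are constructed assumptions,
# not the scanner's real export format.
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}
BANDS = [(90, "Secure"), (70, "Low risk"), (50, "Medium risk"),
         (30, "High risk"), (0, "Critical")]

def health_score(scan):
    """Full scans average both scores; single-mode scans carry only one."""
    scores = [scan[k] for k in ("extraction_score", "injection_score")
              if scan.get(k) is not None]
    if not scores:
        raise ValueError("scan has no extraction or injection score")
    return sum(scores) / len(scores)

def band(score):
    """Map a 0-100 score to its band. An averaged score such as 89.5 is
    placed in the lower band (assumption: the page lists whole numbers only)."""
    if not 0 <= score <= 100:
        raise ValueError(f"score out of range: {score}")
    return next(label for floor, label in BANDS if score >= floor)

def ordered_findings(scan):
    """Findings ordered by severity, critical first (stable within a level)."""
    return sorted(scan["findings"], key=lambda f: SEVERITY_RANK[f["severity"]])

def verify_rescan(before, after):
    """Compare the baseline scan with the re-scan of the hardened prompt."""
    was = {f["technique"] for f in before["findings"]}
    now = {f["technique"] for f in after["findings"]}
    return {
        "band_before": band(health_score(before)),
        "band_after": band(health_score(after)),
        "fixed": sorted(was - now),             # no longer succeed
        "still_succeeding": sorted(was & now),  # hardening did not stop these
        "new": sorted(now - was),               # appeared only after the change
        "address_first": [f["technique"] for f in ordered_findings(after)
                          if f["severity"] in ("critical", "high")],
    }

BEFORE = {"extraction_score": 40, "injection_score": 60, "findings": [
    {"technique": "persona", "severity": "high"},
    {"technique": "direct", "severity": "critical"},
    {"technique": "crescendo", "severity": "medium"}]}
AFTER = {"extraction_score": 90, "injection_score": 80, "findings": [
    {"technique": "crescendo", "severity": "medium"},
    {"technique": "persona", "severity": "high"}]}

if __name__ == "__main__":
    print(verify_rescan(BEFORE, AFTER))
```

A technique listed under `still_succeeding` or `new` is the place to look in the conversation log before changing the prompt again.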
Conversation Log
The conversation log shows the full attacker–target exchange. Use it to:
- See exactly how attacks were phrased
- Understand why certain probes succeeded
- Debug model behavior
You can expand or collapse turns. For Full scans, extraction and injection logs may be shown separately.
Hardening and PDF Export
If auto-hardening ran, the report includes a hardened prompt and validation results. You can copy the hardened prompt from the report. PDF export is available for sharing or archival.