[Parent Issue] FEAT XPIA File Converters #415
Description
Is your feature request related to a problem? Please describe.
When focusing on indirect prompt injection scenarios, we want a way to inject jailbreaks into different file types in a repeatable way.
Describe the solution you'd like
Make a converter that will take in a specific file type (PDF, Word Doc, HTML page), a prompt (can be any modality, but likely easiest to start with text), and a base file (existing PDF, Word Doc, or HTML page) and return either:
- A new file of that type with the prompt embedded (if base file is not provided)
- The prompt embedded into the base file.
Note that if a base file is provided, it would likely need to have a placeholder for where the prompt should go so that the user has control over this. Consider the jinja2 package to make a Template out of the template string.
Additional context
Ideally, we can create one converter that handles all 3 file types, but as we work on this issue that may not be possible. To segment, we'll create a task for each file type.
See examples of existing converters here: https://github.com/Azure/PyRIT/tree/main/pyrit/prompt_converter
To keep complexity low, you can start with a fixed minimal HTML/PDF/Word Doc and inject the (text) prompt into a predefined spot. From there, we can generalize easily as long as you use jinja2 placeholders.
### Tasks
- [ ] https://github.com/Azure/PyRIT/issues/423
- [ ] https://github.com/Azure/PyRIT/issues/424
- [ ] https://github.com/Azure/PyRIT/issues/425