sullivanUCSD/SCOUT-450

SCOUT-450是一个包含450个样本的评估基准，专门用于提示注入检测。该基准故意偏向于困难案例：长且结构复杂的载体，其中穿插着对抗性片段，以及部署相关的对齐指令和完全良性的类别，这些类别占现实世界流量的主要部分。数据集包含255个攻击样本和195个良性样本，分为6个类别和13种载体类型。每个样本都是一个JSON对象，包含多个字段，如唯一ID、类别、载体类型、攻击类型、隐藏策略、难度标签、是否为攻击的布尔标签、目标文本、策略文本、清洁内容、评估内容、来源数据集、生成方法和备注。评估协议要求检测器和路由系统在评估内容上进行评估，使用is_attack作为真实标签。SCOUT-450与其他数据集（如anchor-400）是独立的，确保了评估的公正性。

SCOUT-450 is a 450-sample held-out evaluation benchmark for prompt-injection detection, intentionally biased toward hard cases: long, structurally complex carriers with adversarial fragments interleaved among legitimate content, plus the deployment-relevant aligned-instruction and totally-benign categories that account for most real-world traffic. The dataset includes 255 attack samples and 195 benign samples, categorized into 6 categories and 13 carrier types. Each sample is a JSON object with fields such as unique ID, category, carrier type, attack type, hiding strategy, difficulty tag, boolean label for attack, goal text, policy text, clean content, eval content, source dataset, generation method, and notes. The evaluation protocol requires detectors and routing systems to evaluate on eval_content with is_attack as the ground-truth label. SCOUT-450 is disjoint from other datasets like anchor-400, ensuring unbiased evaluation.