What is Roleplay?
Roleplay is a security workbench for testing whether AI agents can be manipulated through social-engineering attacks, then reviewing proof, verifying fixes, and monitoring regressions.
Is this a prompt injection scanner?
No. Prompt injection is one tactic. Roleplay tests repeatable social-engineering situations where authority, urgency, policy pressure, or untrusted tool content can push an agent over a protected boundary.
Does Roleplay run my agent in the cloud?
No. The included local runner tests your agent in your environment. The workbench stores the safe finding summary, run history, ownership, and regression state.
Do I need to upload transcripts?
No. Full transcripts stay local by default. Roleplay is designed around sanitized finding uploads, redacted snippets, and secret redaction.
Who is this for?
Agent builders shipping customer support, customer success, account management, Sales/SDR, recruiting, or HR agents that interact with external people.
What happens after I choose a plan?
You create a workspace, generate a project API key, configure provider and judge settings, run a specialized social-engineering pack locally, upload sanitized proof, review evidence, verify fixes, and monitor or gate regressions.
How are results judged?
You choose the judging mode. Rules mode is deterministic for smoke tests, semantic mode uses your chosen provider for security evaluation, and hybrid mode combines semantic evaluation with deterministic guardrails for CI.