cryptex-oss by m4xx101

LLM red-teaming toolkit for adversarial prompt engineering and vulnerability research

Created 1 month ago
311 stars

Top 86.5% on SourcePulse

Project Summary

Summary: Cryptex OSS is an open-source, browser-native toolkit for LLM red-teaming. It offers 159 text transformers and 26 specialized tool surfaces for adversarial prompt engineering, and gives researchers a privacy-focused, self-hostable environment for rapid experimentation with no backend infrastructure.

How It Works: The toolkit bundles 159 text transformers (encodings, ciphers, Unicode) with 26 tool surfaces, and adds a "Campaign" front door that automates attack strategy generation and attack success rate (ASR) reporting. It runs entirely client-side in the browser and routes AI calls directly to providers using bring-your-own-key (BYOK) API keys stored locally, so there are no backend dependencies, no database, and no telemetry.

Quick Start & Requirements

  • Primary Install: Docker: docker run -d --name cryptex --restart unless-stopped -p 8080:80 ghcr.io/m4xx101/cryptex-oss:latest. Docker Compose supported.
  • Build from Source: Requires Node.js (20.19+/22.12+) and npm. Clone the repo, then cd app/, npm install, npm run dev.
  • Prerequisites: Node.js, npm. Optional: uv for Python CLI.
  • Deployment: Multi-arch Docker. Production VPS via Dokploy/Traefik. Free hosting options: GitHub Pages, Cloudflare Pages, Vercel, Netlify, Render, self-hosting.
  • Links: DEPLOY.md, docs/USAGE.md.

Highlighted Details

  • 159 text transformers and 26 tool surfaces for diverse adversarial techniques.
  • "Campaign" front door automates attack generation, LLM judging, and ASR reporting.
  • Fully browser-based: No backend, database, or telemetry; BYOK keys remain local.
  • Responsive design for mobile; Python CLI available.

Maintenance & Community: The project is open-source under the MIT license. No specific maintainer, sponsorship, or community channel details were found in the provided README text.

Licensing & Compatibility

  • License: MIT.
  • Corpora Licenses: Bundled corpora adhere to MIT, CC-BY-4.0, or CC0. No GPL, AGPL, CC-BY-SA, or CC-BY-NC material included. Per-source attribution available.
  • Compatibility: Browser-native. Supports numerous AI providers, either directly or via OpenRouter. Direct browser calls to the OpenAI and Gemini APIs are blocked by CORS.

Limitations & Caveats: The OSS variant focuses on tools and excludes the chat playground and attack-chain composer of the "Production" product. Benchmark scoring is heuristic and is intended only as a craft signal.

Health Check

  • Last Commit: 3 days ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 0
  • Issues (30d): 0
  • Star History: 311 stars in the last 30 days
