🗺️ Zork-like text adventure powered by Qwen 0.4B. Doubles as LLM pen-testing playground with security challenges.

ctr26/llm-adventure

LLM Adventure

🎮 Play now → https://llm-adventure.netlify.app

A Zork-like text adventure game powered by Qwen 0.4B that doubles as an LLM security research platform.

Web Version

The game runs entirely in-browser (no backend required):

  • Retro CRT terminal aesthetic
  • Full game engine ported to JavaScript
  • Session state persisted in sessionStorage
  • Security validation & attack logging (client-side)
  • 10 easter eggs to find

Quick Start

# Install dependencies
uv sync

# Run the game
uv run python main.py

Architecture

Core Components

  1. Game Engine (src/engine.py)

    • Main game loop
    • Command processing pipeline
    • Easter egg system
    • Developer mode
  2. State Management (src/state.py)

    • Explicit inventory tracking (no LLM hallucinations)
    • Room/location state
    • NPC relationship tracking
    • Puzzle progress
    • Meta-game progression
  3. Security Layer (src/security.py)

    • Input validation
    • Prompt injection detection
    • Attack logging (for research)
    • Banned phrase filtering
  4. LLM Interface (src/llm.py)

    • Qwen 0.4B integration
    • Prompt templates
    • Context window management
    • NPC personality system

Data Files

  • data/rooms.json - Room graph and descriptions
  • data/npcs.json - NPC definitions and personalities
  • data/banned_phrases.txt - Prompt injection blacklist

Game Flow

User Input
    ↓
Security Validation
    ↓
Easter Egg Check
    ↓
Verb Extraction
    ↓
Direct Command Handler (inventory, look, etc.)
    ↓
LLM Interpretation (natural language)
    ↓
Action Execution
    ↓
State Update
    ↓
Response to Player

Security Design

Defense Layers

  1. Input Validation

    • Length limits (500 chars)
    • Special character ratio checks
    • Unicode manipulation detection
  2. Prompt Injection Detection

    • Banned phrase matching
    • Regex pattern detection
    • Role manipulation blocking
  3. Attack Logging

    • All attempts logged to logs/attacks.jsonl
    • Includes context (room, inventory, turn count)
    • Exportable for analysis
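
A sketch of how the three layers above can fit together, added here as an example and not taken from the project's src/security.py. The 500-character limit is from this README; the ratio threshold, the phrase list, the role regex and the log field names are assumptions.

```python
import json
import re
import unicodedata

MAX_LEN = 500              # limit stated in the README
MAX_SPECIAL_RATIO = 0.3    # assumed threshold
# Constructed stand-in for data/banned_phrases.txt
BANNED_PHRASES = ["ignore previous instructions", "reveal your prompt"]
# Assumed pattern: a line that tries to open a new chat role
ROLE_PATTERN = re.compile(r"^\s*(system|assistant)\s*:", re.MULTILINE)


def is_format_char(ch):
    """Zero-width and bidi control characters are Unicode category Cf."""
    return unicodedata.category(ch) == "Cf"


def validate(text):
    """Return the list of checks the input failed (empty means accepted)."""
    reasons = []
    if len(text) > MAX_LEN:
        reasons.append("too_long")
    if any(is_format_char(c) for c in text):
        reasons.append("unicode_format_chars")
    special = sum(1 for c in text if not (c.isalnum() or c.isspace()))
    if text and special / len(text) > MAX_SPECIAL_RATIO:
        reasons.append("special_char_ratio")
    # Fold full-width look-alikes and drop invisible characters before
    # matching, otherwise the phrase list is bypassed by simple re-encoding.
    norm = unicodedata.normalize("NFKC", text)
    norm = "".join(c for c in norm if not is_format_char(c)).casefold()
    if any(p in norm for p in BANNED_PHRASES):
        reasons.append("banned_phrase")
    if ROLE_PATTERN.search(norm):
        reasons.append("role_manipulation")
    return reasons


def attack_record(text, reasons, state):
    """Serialise one rejected input as a JSON line with game context."""
    return json.dumps({
        "input": text[:MAX_LEN],
        "reasons": reasons,
        "room": state["room"],
        "inventory": state["inventory"],
        "turn": state["turn"],
    })
```

Each rejected input yields one line suitable for appending to logs/attacks.jsonl; the `reasons` list makes it possible to count later which layer fired and how often it fired on harmless input.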

Known Vectors (for research)

The game intentionally allows certain explorations:

  • Easter egg commands (xyzzy, sudo, etc.)
  • Meta-puzzle progression
  • Developer mode (requires finding 5 terminal fragments)

Easter Egg System

Meta-Puzzle

Find 5 terminal fragments scattered throughout the game:

  1. Archive Room - "All worlds are mutable"
  2. Wizard's Tower - "Prompts shape reality"
  3. Secret Passage - "Security is an illusion"
  4. Developer's Chamber - "Every game has an ending"
  5. Developer's Chamber - "You were the developer all along"

Collecting all 5 unlocks Developer Mode.

Hidden Commands

  • xyzzy - Classic Zork reference
  • plugh - Another Zork reference
  • sudo <anything> - Permission denied message
  • dev mode - Access after meta-puzzle

NPC Personality System

Each NPC is based on a famous fantasy character archetype:

  • Gandalf-like (Eldric the Grey) - Cryptic, wise, speaks in riddles
  • Tyrion-like (Tyrion the Clever) - Witty, sarcastic, politically savvy
  • Samwise-like (Sam the Loyal) - Practical, encouraging, loyal
  • Gollum-like (The Corrupted Parser) - Paranoid, obsessive, guards secrets

The LLM generates dialogue dynamically from these personality templates.

LLM Integration

Qwen 0.4B

Small model optimized for:

  • Fast inference (~100ms)
  • Low cost
  • Local deployment option

Prompt Structure

System: [Role definition + rules]
Context: [Current room, items, NPCs, inventory]
User: [Natural language command]
Assistant: [JSON structured response]
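
Because the assistant's JSON reply is model output, it should be checked against the explicit game state before any action executes. The following is an added example, not the project's code; the `action`/`target` schema, the verb set and the two-room world are assumptions constructed for illustration.

```python
import json

ALLOWED_ACTIONS = {"take", "drop", "move"}   # assumed verb set


def apply_llm_action(raw, state, rooms):
    """Check the model's JSON reply against explicit game state.

    Returns (ok, message); state changes only when ok is True.
    """
    try:
        reply = json.loads(raw)
    except json.JSONDecodeError:
        return False, "unparseable reply"
    if not isinstance(reply, dict):
        return False, "reply is not an object"
    action, target = reply.get("action"), reply.get("target")
    if not (isinstance(action, str) and isinstance(target, str)):
        return False, "malformed fields"
    if action not in ALLOWED_ACTIONS:
        return False, "action not allowed"
    room = rooms[state["room"]]
    if action == "take":
        if target not in room["items"]:
            return False, "no such item here"   # item exists only in the reply
        room["items"].remove(target)
        state["inventory"].append(target)
    elif action == "drop":
        if target not in state["inventory"]:
            return False, "not carrying that"
        state["inventory"].remove(target)
        room["items"].append(target)
    else:  # move
        if target not in room["exits"]:
            return False, "no exit that way"
        state["room"] = room["exits"][target]
    return True, f"{action} {target}"


def sample_world():
    """Constructed two-room world and starting state for the demo."""
    rooms = {
        "archive": {"items": ["lantern"], "exits": {"north": "tower"}},
        "tower": {"items": [], "exits": {"south": "archive"}},
    }
    return {"room": "archive", "inventory": []}, rooms
```

A reply that names an item the room does not hold, or a verb outside the allowlist, is rejected without touching state, so a successful injection into the model still cannot grant inventory or unlock modes on its own.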

Context Window Management

  • Max 2048 tokens
  • Prioritizes: System prompt → Recent context → History
  • Truncates from middle if needed

Development Roadmap

Phase 1: Core Prototype ✓

  • Game engine
  • State management
  • Security layer
  • Basic LLM integration (mock)
  • Room graph
  • NPC system

Phase 2: LLM Integration

  • Actual Qwen 0.4B API connection
  • HuggingFace Inference setup
  • Response parsing improvements
  • Context optimization

Phase 3: Content

  • More rooms and puzzles
  • Additional NPCs
  • Complex item interactions
  • Quest system

Phase 4: Security Research

  • Attack vector documentation
  • Defense effectiveness metrics
  • Jailbreak challenge mode
  • Research paper/blog post

Phase 5: Deployment

  • Web terminal interface
  • Cloudflare Workers backend
  • Persistent storage (Turso/KV)
  • Public release

Research Use Cases

  1. Prompt Injection Testing

    • Test attack patterns against LLM
    • Log effectiveness of different approaches
    • Build dataset of attempts
  2. Defense Evaluation

    • Measure false positive rate
    • Test banned phrase effectiveness
    • Optimize detection patterns
  3. Educational Tool

    • Teach LLM security concepts
    • Interactive examples
    • Real-time feedback

Contributing

This is a research project. Contributions welcome:

  • New attack vectors
  • Improved defense patterns
  • Content (rooms, puzzles, NPCs)
  • LLM optimization

License

MIT - See LICENSE file

Credits

Created by: craggles17
Inspired by: Zork, AI safety research, and the absurdity of prompt injection


"The most powerful magic is a well-crafted sentence."
