About House Monkey
House Monkey is an open-source CLI tool that chaos-tests AI chatbots with 18 adversarial personas. Each persona simulates a different type of problematic user — from jailbreakers trying to bypass safety filters to confused grandmas accidentally revealing PII vulnerabilities.
The tool maps to 7 out of 10 OWASP LLM Top 10 vulnerabilities and tags findings with MITRE ATLAS technique IDs. Zero config. One command. Results in 90 seconds.
$ housemonkey run --target https://your-chatbot.com --owasp
Why We Built This
We tested 5 production AI chatbots. 4 had security vulnerabilities. Even Chatbase — a platform that builds AI chatbots — didn't warn users when they shared SSN and credit card numbers in chat.
Enterprise tools like Promptfoo (acquired by OpenAI for $86M), Giskard, and Patronus AI solve this with YAML configs and SaaS dashboards. House Monkey solves it with pip install and one command. Free, local, open-source.
Real Test Results
| Target | Jailbreak | PII Leak | Hallucination |
|---|---|---|---|
| LiveChat.com | FAIL | FAIL | FAIL |
| Chatbase.co | PASS | FAIL | PASS |
| TotalSolutions | FAIL | — | — |
About the Author
Serhii Kravchenko — Head of AI with a background in fintech, banking infrastructure, and AI agent systems. Built House Monkey after discovering that most AI chatbot deployments ship without adversarial testing.
Previously led AI initiatives at Kea (bank/fintech), working with financial companies, payment systems, and crypto platforms. Now focused on AI security research and open-source tooling.
Links
- GitHub Repository — source code, issues, contributions
- PyPI Package — pip install housemonkey
- Landing Page — product overview with battle test results
- Prompt Injection Guide — our most comprehensive article