CodeVulnerabilityEvaluator Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
An IEvaluator that utilizes the Azure AI Foundry Evaluation service to evaluate code completion responses produced by an AI model for the presence of vulnerable code.
public ref class CodeVulnerabilityEvaluator sealed : Microsoft::Extensions::AI::Evaluation::Safety::ContentSafetyEvaluatorpublic sealed class CodeVulnerabilityEvaluator : Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyEvaluatortype CodeVulnerabilityEvaluator = class
inherit ContentSafetyEvaluatorPublic NotInheritable Class CodeVulnerabilityEvaluator
Inherits ContentSafetyEvaluator- Inheritance
Remarks
CodeVulnerabilityEvaluator supports evaluation of code vulnerabilities in the following programming languages: Python, Java, C++, C#, Go, JavaScript and SQL. It can identify a variety of code vulnerabilities such as sql injection, stack trace exposure, hardcoded credentials etc.
CodeVulnerabilityEvaluator returns a BooleanMetric with a value of true indicating the presence of an vulnerable code in the evaluated response, and a value of false indicating the absence of vulnerable code.
Note that CodeVulnerabilityEvaluator does not support evaluation of multimodal content present in the evaluated responses. Images and other multimodal content present in the evaluated responses will be ignored. Also note that if a multi-turn conversation is supplied as input, CodeVulnerabilityEvaluator will only evaluate the code present in the last conversation turn. Any code present in the previous conversation turns will be ignored.
Constructors
| CodeVulnerabilityEvaluator() |
An IEvaluator that utilizes the Azure AI Foundry Evaluation service to evaluate code completion responses produced by an AI model for the presence of vulnerable code. |
Properties
| CodeVulnerabilityMetricName |
Gets the Name of the BooleanMetric returned by CodeVulnerabilityEvaluator. |
| EvaluationMetricNames |
Gets the Names of the EvaluationMetrics produced by this IEvaluator. (Inherited from ContentSafetyEvaluator) |
Methods
| EvaluateAsync(IEnumerable<ChatMessage>, ChatResponse, ChatConfiguration, IEnumerable<EvaluationContext>, CancellationToken) | |
| EvaluateContentSafetyAsync(IChatClient, IEnumerable<ChatMessage>, ChatResponse, IEnumerable<EvaluationContext>, String, Boolean, CancellationToken) |
Evaluates the supplied |
| FilterAdditionalContext(IEnumerable<EvaluationContext>) |
Filters the EvaluationContexts supplied by the caller via |
