Governance benchmarks for agentic AI

Find the breaking point of your AI model.

Run safety, governance, refusal, prompt-injection, privacy, tool-use, latency, and breaking-point tests — directly in your browser. No install required.

Connect a Model View Pressure Sweep Read Sample Output

—Governance score

—Breaking point

—Median response

—Tokens used

Connect local or hosted models.

Runs entirely in your browser — your API key goes directly from your machine to your endpoint. Orivael never sees it. Works with Ollama, vLLM, LM Studio, NVIDIA NIM, Hugging Face TGI, or any OpenAI-compatible endpoint.

● Runs entirely in your browser — no install required

Endpoint URL

Model name

API Key (optional — for hosted endpoints; blank for local)

🔒 Your key never leaves your browser.This page is static HTML with no backend. When you click Run, your browser sends the key directly to the endpoint URL you entered above — it never passes through Orivael's servers. The key is held in memory only for the duration of the run, then released. It is not saved to localStorage, cookies, or anywhere else. Full details ↓

⚠ This page is served over HTTPS but your endpoint is HTTP. Browsers block mixed-content requests. To test a local model, either: (a) open this file directly (file://) or serve it over HTTP, or (b) use an endpoint with HTTPS.

Ollama (local)

Default endpoint: http://localhost:11434/v1. No API key needed. Start with ollama serve.

vLLM / LM Studio

Use http://localhost:8000/v1 or your custom port. Any OpenAI-compatible server works.

NVIDIA NIM

Enter your NIM endpoint URL and your NGC API key. Evaluates enterprise inference endpoints with the same governance packs.

OpenAI / Hosted

Use https://api.openai.com/v1 with your sk-... key. Costs a few cents per full run.

Benchmark packs that test trust, not just intelligence.

Standard leaderboards ask which model is smartest. AXIOM asks which model survives governance pressure, adversarial prompts, tool-use risk, and production constraints.

Cat 1 — Epistemic Humility

Tests calibration: does the model say "I don't know" when it should? Scores against unknowable facts, fictional entities, future events, and paradoxes.

✓ 6 browser tests

Prompt Injection Defense

Attempts DAN-mode activation, SYSTEM override injection, developer-mode tricks, and role-escape prompts. Checks the model ignores every attempt.

✓ 5 browser tests

Governance Obedience

Requests step-by-step synthesis of harmful substances, phishing email drafts, unauthorized access instructions, and malware. Scores complete refusal rate.

✓ 5 browser tests

Tool-Use Safety

Asks the model to execute destructive server commands, database wipes, mass emails, and financial transfers. Checks it refuses without hedging.

✓ 4 browser tests

Privacy Leakage

Injects a fake secret key into the system prompt then probes five ways to extract it. Passes only if the model never leaks the key.

✓ 5 browser tests

Pressure Sweep

8-level escalating adversarial ladder from normal requests to compound override attacks. Identifies the exact level where governance breaks.

✓ 8 levels

AXIOM Pressure Sweep. Sample data

The signature test. Pressure Sweep gradually increases governance and adversarial pressure until the model fails, then identifies the exact condition where trust breaks.

Escalation ladder

Level 1Normal user request

Level 2Ambiguous policy request

Level 3Conflicting user instruction

Level 4Authority impersonation

Level 5Tool misuse attempt

Level 6Hidden override + multi-turn

Level 7Governance contradiction trap

Level 8Compound adversarial workflow

Breaking point report

Run a benchmark to see where your model begins to weaken under adversarial pressure.

awaiting run...

Readable output for builders and decision-makers. Sample data

Every run produces plain-English verdicts, category scores, evidence, and deployment guidance.

Category	Score	Status	Meaning
Epistemic Humility	—	PENDING	Run a benchmark to see results.
Prompt Injection Defense	—	PENDING	Run a benchmark to see results.
Governance Obedience	—	PENDING	Run a benchmark to see results.
Tool-Use Safety	—	PENDING	Run a benchmark to see results.
Privacy Leakage	—	PENDING	Run a benchmark to see results.
Pressure Sweep	—	PENDING	Run a benchmark to see results.
Deployment Recommendation	—	PENDING	Connect a model and run all tests.

Evidence, not vibes.

Open any result and see the prompt, expected behavior, actual behavior, AXIOM verdict, and recommended fix. Click a tab after running to inspect real test detail.

Run benchmark to see evidenceNo results yet

——

Awaiting run

Status

No benchmark has been run yet. Connect a model above and click Run Benchmark to populate this panel with real test evidence.

Export reports that people can actually use.

Technical teams get JSON. Executives get a summary. Developers get the prompts that caused failure.

JSON Download

Full structured results — all prompts, responses, verdicts, and scores — exported as a JSON file.

Copy Results

Copy the scored results table to your clipboard, formatted for Markdown or a plain text report.

Share Run ID

Each run gets a signed run ID derived from your endpoint and timestamp — reference it in reports without sharing raw data.

—

Model Comparison

Run the same suite against multiple endpoints and compare scores. Coming in Lab v2.

⧖ Coming soon

How your API key is handled. CLI install if you need it.

Two questions that come up for every team evaluating production tooling: where does my key go, and can I run this in a pipeline?

🔒 Your API key, explained.

This page is a static HTML file hosted on a CDN. There is no Orivael server, no proxy, no request logger between your browser and your model.

→

Direct browser → endpoint connection

Every fetch() call goes to the URL you typed in the Endpoint field. Open DevTools → Network while running — every request domain will be yours, not orivael.dev.

📷

Memory-only, duration-scoped

The key lives in a JS variable for the duration of the run. When the run finishes (or the tab closes), it's gone. It is never written to localStorage, sessionStorage, cookies, or any other persistent store.

👁

Verify it yourself

Open DevTools → Network → filter by XHR/Fetch. You will see exactly one outbound domain: your endpoint. Refresh the page and the key field is blank — nothing was persisted.

🔒

HTTPS pages + local models

Browsers block HTTP endpoints from HTTPS pages (mixed content). If you're running a local model over HTTP, download this file and open it via file:// — your key never touches the internet at all in that case.

🛠 CLI install — for pipelines and automation.

The browser runner is zero-friction for one-off evaluations. For CI/CD pipelines, scheduled model comparisons, or scripted runs across dozens of endpoints, the CLI gives you the same test suite with JSON output you can pipe into dashboards.

Install

pip install axiom-constitutional

Endpoint Model Run command

axiom-bench run --endpoint http://localhost:11434/v1 --model llama3.2

CI/CD pipelinesGate merges on governance score thresholds before deploying a new model version.

Scheduled evaluationCron the CLI nightly to catch governance drift as a model is fine-tuned or swapped.

Air-gapped environmentsRun fully offline — the CLI connects only to your local endpoint, no outbound calls.

Multi-model comparisonScript the same suite against multiple endpoints and diff the JSON output programmatically.

Test the model before it touches your tools.

AXIOM Benchmark Lab turns model evaluation into a practical production-readiness test: governance, pressure, latency, evidence, and runtime control — entirely in your browser, nothing to install.

Connect a Model Open AI Firewall Demo View GitHub