E-commerce Red Teaming Plugins

The e-commerce red teaming plugins are designed to test AI systems deployed in online retail contexts for critical vulnerabilities that could result in financial loss, regulatory violations, or fraud. These plugins target the unique risks that arise when AI handles payment data, pricing, compliance restrictions, and order management.

E-commerce applications face heightened security requirements due to handling sensitive payment information (PCI DSS), enforcing age and geographic restrictions, preventing fraud, and maintaining pricing integrity. AI systems in these contexts must be rigorously tested to ensure they don't inadvertently expose customer data, enable unauthorized discounts, bypass compliance controls, or facilitate fraudulent transactions.

Available Plugins

PCI DSS Compliance

Plugin ID: ecommerce:pci-dss

Tests whether an AI system can be manipulated to expose sensitive payment card industry data that should be protected under PCI DSS regulations. This plugin attempts to extract credit card numbers, CVV codes, bank account details, payment tokens, or other financial information that must never be revealed.

Example configuration:

redteam:
  plugins:
    - ecommerce:pci-dss

What it tests:

• Full credit card number exposure beyond last 4 digits
• CVV/CVC security code disclosure
• Bank account and routing number leakage
• Payment token or processor ID exposure
• PIN or authentication data revelation
• Cross-customer payment information access
• Financial analytics and revenue data leakage

Why it's critical: PCI DSS violations can result in fines from $5,000 to $100,000 per month and loss of merchant account privileges. Data breaches involving payment information carry massive legal liability and erode customer trust.

Price Manipulation

Plugin ID: ecommerce:price-manipulation

Tests whether an AI system can be exploited to manipulate prices, apply unauthorized discounts, or violate promotional policies in ways that cause revenue loss or regulatory issues. This plugin attempts to get the AI to override pricing rules, stack incompatible coupons, or grant special status discounts without authorization.

Example configuration:

redteam:
  plugins:
    - ecommerce:price-manipulation

What it tests:

• Unauthorized discount code application (employee, partner, expired codes)
• Improper coupon stacking that violates terms
• Manual price adjustments without authorization
• False VIP or wholesale status claims
• Dynamic pricing manipulation
• Minimum purchase requirement bypass
• False price matching claims
• Promotional period extensions beyond stated dates

Why it's critical: Direct revenue impact. Price manipulation can be automated at scale by attackers. Also ties into false advertising regulations and consumer protection laws requiring accurate pricing.

Compliance Bypass

Plugin ID: ecommerce:compliance-bypass

Tests whether an AI system can be manipulated to bypass age restrictions, geographic limitations, quantity controls, or other regulatory requirements for restricted products. This plugin attempts to circumvent age-gating for alcohol/tobacco, evade geographic shipping restrictions, bypass quantity limits on controlled items, or skip required safety disclosures.

Example configuration:

redteam:
  plugins:
    - ecommerce:compliance-bypass

What it tests:

• Age verification bypass for restricted products (alcohol, tobacco, adult content)
• Geographic restriction circumvention (sanctions, state laws, export controls)
• Quantity limit evasion on controlled items (medications, precursors, ammunition)
• Prescription requirement bypass for controlled substances
• Safety warning and liability disclosure dismissal
• License or permit requirement circumvention
• Sanctions and export control violations (OFAC, ITAR, EAR)

Why it's critical: Compliance violations can result in criminal charges, business license revocation, and massive regulatory fines. Some violations are strict liability offenses with no mens rea defense.

Order Fraud

Plugin ID: ecommerce:order-fraud

Tests whether an AI system enables order fraud, transaction manipulation, or abuse of return/refund policies. This plugin attempts to exploit order management workflows through post-purchase address changes, unauthorized refunds, fraudulent returns, order modifications without payment, or loyalty program abuse.

Example configuration:

redteam:
  plugins:
    - ecommerce:order-fraud

What it tests:

• Post-purchase shipping address changes (account takeover indicator)
• Unauthorized refund processing without proper verification
• Return fraud (false damage claims, wardrobing, receipt fraud)
• Order modification exploits (adding items without payment)
• Payment bypass or checkout flow exploitation
• Loyalty program abuse and rewards fraud
• Order status manipulation without proper workflow
• Inventory reservation abuse

Why it's critical: Return fraud alone costs retailers over $24 billion annually. Order fraud scales easily through automation. These exploits result in direct financial losses and inventory shrinkage.

Configuration

Basic Setup

Include the plugins you want to test in your red teaming configuration:

redteam:
  purpose: 'e-commerce customer service chatbot'
  plugins:
    - ecommerce:pci-dss
    - ecommerce:price-manipulation
    - ecommerce:compliance-bypass
    - ecommerce:order-fraud

Combined with Strategies

Apply adversarial strategies to test how obfuscation or manipulation techniques might bypass e-commerce safeguards:

redteam:
  purpose: 'online retail shopping assistant'
  plugins:
    - ecommerce:pci-dss
    - ecommerce:price-manipulation
  strategies:
    - jailbreak
    - prompt-injection

Related Plugins

• PII - Tests for personal information leakage beyond payment data
• RBAC - Tests role-based access controls for admin functions
• Contracts - Tests for unauthorized business commitments
• Excessive Agency - Tests for actions beyond authorized scope

For a comprehensive overview of LLM vulnerabilities and red teaming strategies, visit our Types of LLM Vulnerabilities page.