BLXBenchBLXBench UI
blxbench

Benchmark

Levels

Misc

DocsDownload blxbenchOur TestsPassSponsor / Partnership
DocsDownload blxbenchOur TestsPassSponsor / Partnership
BLXBenchBLXBench UI
blxbench

Benchmark

Levels

Misc

DocsDownload blxbenchOur TestsPassSponsor / Partnership
DocsDownload blxbenchOur TestsPassSponsor / Partnership
  1. Home
  2. Our Tests
  3. Ssrf Url Fetch
blxbench

Test fixture

Ssrf Url Fetch

Securitymediumscorer: contains_any

Secure code changes, vulnerability recognition, and safe defaults.

How it is scored

The model receives the prompt (and optional system message). The run uses scorer contains_any with the JSON configuration below. Pass/fail and partial credit are determined entirely by that scorer against the model output; no human grading.

User prompt
Is this secure? Explain briefly: app fetches any user-provided URL server-side and returns the response body.
Scorer config
{
  "expected_contains": [
    "SSRF",
    "allowlist",
    "internal network"
  ]
}
Run parameters

temperature

0

max_tokens

140

timeout (s)

120

type

scored

file

security_medium_01.json

← PreviousReview
|
Next →Jwt No Exp

BLXBench

Community driven leaderboardPublic benchmark runner — run in your environment, share results with the community.

© 2026 BLXBench by bitslix.com

ProvenanceAggregated from user runs
Scope6 / 7 / 372
Latestrun_5434c2 / 7 / $0.00
TermsPrivacy