BraneMatrix Orbital Supervision——MLLMs Safety Detection

With the rapid deployment of big language models and multi-modal models in enterprise dialogue, content generation, agent collaboration, and complex decision-making scenarios, the model itself has become a new attack surface. Risks including jailbreaking, alert injection, training data breaches, harmful content abuse, and multi-modal bypass attacks are evolving from research topics to real compliance, brand, and business continuity issues. BraneMatrix Orbital Investigations addresses this issue by building a unified enterprise-grade security testing platform around a two-track methodology: The blind box test uses a standardized question bank organized under the OmniSafeBench-MM framework — covering 9 top risk categories and 50 segmented dimensions — to provide reproducible, cross-version, and cross-vendor comparable assessment results to directly support regulatory compliance reporting. Using an automated adversarial engine, the black box test integrates more than 20 attack algorithms, including 9 proprietary methods (CC-BOS, structured-evolution-cot, Sage-cot, FLIP, ICRT, HIMRD, GAMBIT, MIDAS, emoAgent published in ICML 2025), and representative methods from ICLR, ACL, CVPR, AAAI, and USENIX Security. The engine supports single and multi-round jailbreak, single- and multi-modal attacks, and adaptive evolutionary jailbreak strategies driven by genetic algorithms and reinforcement learning. Metrics and reporting: Core metrics include attack success rate (ASR) and harmfulness score (HS), and can be weighted. Reports in PDF, CSV/Excel, and JSON formats can be generated for engineering, legal, and chief information security officers (CISO), and automated claus-level mapping with regulations related to China's generative artificial intelligence, the EU Artificial Intelligence Act, and GDPR. Enterprise-grade deployment: Supports local deployment with full physical isolation through containers and Kubernetes, hybrid models (local data+attack algorithms updated in the cloud), and SaaS deployments. Includes CI/CD plug-ins for GitLab, Jenkins, and Argo to support automated pre-release secure access control. Role-based access control, encrypted storage, data masking, and complete audit logs meet governance requirements in the financial, healthcare, government, and energy sectors.