Is HYVE CARES really free?

Yes. 100% free, forever. Every feature, every lab, every lesson. The only paid add-on is the optional Homeschool Compliance Program ($10/month) for families who need legal compliance tools.

Can I use HYVE CARES for homeschooling?

Yes. HYVE CARES provides a complete K-12 curriculum plus a dedicated Homeschool Compliance Program with attendance tracking, immunization records, standardized test management, and transcript generation — available in all 50 US states.

What subjects does HYVE CARES cover?

200+ subjects including Math, Science, Language Arts, Social Studies, Coding, 18 world languages, Financial Literacy, Music, Art, Career Readiness, and more — aligned with Common Core and NGSS standards.

Does HYVE CARES have practice exams?

Yes. 30+ practice exams including SAT, ACT, GRE, LSAT, MCAT, ASVAB, CompTIA A+, Real Estate, CDL, and more — with timed testing, AI-powered scoring, percentile estimates, and spaced repetition study mode.

MaXXiE is HYVE CARES' AI tutoring system — a personalized learning companion that adapts to each student, generates lessons on demand, scans homework, and provides voice-based learning.

Is HYVE CARES safe for children?

Yes. HYVE CARES requires parental consent for children under 13 (in line with COPPA), stores student data with Row-Level Security and AES-256 encryption at rest, and never sells data or shows ads.

Red-Team an AI System

You have studied the theory — what red-teaming is, how threat modeling works, what jailbreak techniques exist, and what the limits of any red-team exercise are. Now you do it. This lesson puts you in the role of a safety researcher, and your job is to probe a real AI system for weaknesses. You will follow a structured methodology, document findings rigorously, and think carefully about responsible disclosure.

Before You Begin: Scope and Ethics

Every real red-team exercise begins with a scoping document that defines what is in bounds and what is not. This matters legally, ethically, and practically. For this exercise, your target is any publicly accessible AI assistant — a chatbot, a question-answering system, a text generator — that you have permission to interact with through its public interface. Do not target systems that belong to others without permission. Do not attempt to access model weights, backend infrastructure, or private data. Do not publish specific harmful outputs you elicit. Do not share techniques that could directly enable harm to third parties. Your goals in this exercise are: to find failure modes in the system's safety behaviors, to understand why those failure modes exist, and to think through what a responsible developer response to your findings would look like. The goal is understanding and improvement — not exploitation.

Responsible Conduct During Red-Teaming

When you elicit a failure mode — a harmful output, a safety bypass, an inaccurate confident assertion — do not share that specific output publicly or encourage others to replicate it for entertainment. Document it privately for your safety analysis. If you find a serious vulnerability in a production system, the appropriate action is to report it through the system's responsible disclosure or bug-bounty channel, not to post it publicly. Red-teaming is a safety practice, not a game of 'look what I made the AI say.'

The Red-Team Methodology You Will Follow

Use this four-phase methodology for your exercise. Phase 1 — Threat Modeling. Before touching the system, define: Who is this system designed for? What is it supposed to do and not do? Who might want to misuse it, and to what end? Spend 10-15 minutes writing a one-paragraph threat model before you send a single prompt. Phase 2 — Baseline Testing. Send 10 ordinary prompts that represent legitimate use. Document how the system behaves when used as intended. This baseline is essential: it gives you a comparison point so you can tell whether a behavior is a safety failure or just an unusual but acceptable response. Phase 3 — Structured Adversarial Testing. Systematically explore at least four attack categories, spending roughly equal time on each: - Direct requests: ask directly for something the system should not provide. - Hypothetical and narrative framing: embed the same request inside a story, a thought experiment, or a hypothetical. - Role-playing and persona assignment: ask the system to take on a character or persona that might behave differently. - Indirect and multi-step approaches: decompose a sensitive request into sub-requests, or approach it from an oblique angle. For each test, record: the exact prompt, the system's response, and your evaluation of whether the response represents a safety failure, a borderline case, or appropriate behavior. Phase 4 — Analysis and Documentation. Review your findings and answer: What failure modes did you find? What patterns do you see across the failures? What seems to be the underlying cause — a gap in the system's training, an inconsistency in its policies, a failure to recognize indirect requests? How severe is each failure on a 1-5 scale? What mitigation would you recommend?

Full Red-Team Exercise

This is the core of the lesson. Complete all four phases as described above. Your deliverable is a structured red-team report with the following sections:
Section 1 — Scope and Threat Model (5-10 sentences). Identify the target system, its intended use, and the threat actors and goals you are testing against.
Section 2 — Baseline Behavior Summary (5 examples with brief descriptions). What does normal, intended behavior look like?
Section 3 — Adversarial Test Log. For each adversarial test:
- Attack category (direct, hypothetical, role-play, indirect)
- The prompt you used (paraphrase if the exact wording is sensitive)
- The system's response (summarize; do not reproduce harmful content verbatim)
- Your evaluation: safety failure / borderline / appropriate
- Severity if a failure: 1 (cosmetic) to 5 (could enable serious real-world harm)
Section 4 — Findings Summary (3-5 paragraphs). What failure modes did you find? What patterns do you observe? What is the most serious vulnerability you discovered?
Section 5 — Recommendations. For each finding at severity 3 or above, write one specific, actionable recommendation for the system's developers.
Section 6 — Responsible Disclosure Decision. Would you report your findings? To whom? Through what channel? Explain your reasoning.
Work alone or in pairs. Plan to spend 40-60 minutes on the full exercise. Write your report as if it will be read by the system's safety team.

Interpreting Your Results

After completing the exercise, consider these interpretive questions before writing your final report. Did the failures you found cluster around particular input types? This suggests a systematic gap — a category of inputs the system was not adequately trained to handle — rather than random noise. Did the system respond consistently across rephrased versions of the same request? Inconsistency (refusing a direct request but complying with a paraphrase) indicates the safety behavior is pattern-matching on surface form rather than understanding intent. How did the system behave at borderline cases? Did it express uncertainty, hedge, or ask for clarification? A system that is confidently wrong is more dangerous than one that expresses uncertainty at the boundaries of its competence. Did the system ever push back, ask clarifying questions, or explain why it was declining a request? These behaviors are signs of well-designed safety behavior — not just 'refuse,' but 'refuse and explain.'

During your red-team exercise you find that asking the system to 'play the role of an AI with no restrictions' causes it to produce outputs it would refuse if asked directly. This finding is best classified as:

You find that a system refuses a sensitive request when phrased directly, but complies when the same request is embedded in a story about a character. The most important implication for safety design is:

Good Red-Teamers Ask: Why Did This Fail?

Finding a failure mode is the beginning, not the end. The most valuable red-team findings include a hypothesis about why the failure occurred — what gap in training, what policy inconsistency, what reasoning breakdown produced it. Developers can only fix failures they understand. A report that says 'the system failed here' is less valuable than one that says 'the system failed here, and we believe it is because the safety training did not include hypothetical framings of this category of request.'