What it tests for
ai-blackteam checks whether an AI can be pushed into things it is supposed to say no to, such as:- Leaking secrets it should keep private.
- Writing harmful content.
- Ignoring its own safety rules.
Why it exists
Most testing tools test weakly. They send one prompt. The AI refuses. They call it safe and move on. Real attackers do not stop after one try. They disguise the request. They escalate over many messages until something slips through. ai-blackteam tests the same way a real attacker would, so the results actually mean something.A single refusal does not prove an AI is safe. Real attackers keep pushing, so a real test has to keep pushing too. That is the gap ai-blackteam was built to close.
Why it is fair
ai-blackteam is vendor-neutral. It is not owned by any AI lab. Some testing tools are backed by big labs, which can raise questions about bias. Because ai-blackteam is independent, it tests every model the same way.By the numbers
| What | Count |
|---|---|
| Attack techniques | 1,020 |
| Attack categories | 61 |
| AI providers it can test | 17 (plus a mock for practice) |
| Public benchmark datasets | 19 |
| Automated tests | 3,059 |
ai-blackteam, version 1.7.1.