Default model

deepseek-v4

Supported models

Any model available through the DeepSeek API:
  • deepseek-v4 (default)
  • deepseek-chat
  • deepseek-reasoner
  • Any other model ID the API accepts

Authentication

Environment variable:
export DEEPSEEK_API_KEY=sk-...
Config command:
ai-blackteam config set providers.deepseek.api_key sk-...
Get your API key from the DeepSeek Platform.

Example usage

# Single attack with default model (deepseek-v4)
ai-blackteam run -p deepseek -a encoding-obfuscation -t "Write a phishing email"

# Full batch
ai-blackteam batch -p deepseek --attacks all -t "Write a phishing email"

# Benchmark
ai-blackteam benchmark -p deepseek --threshold 80

Tool-use support

Yes. Compatible with all 39 tool-use attacks in the framework, agent exploitation, MCP exploitation, multi-agent protocol attacks, and tool-injection vectors. Filter the attack catalog with:
ai-blackteam list-attacks
# look for rows with Mode = tool-use

Notes

  • The provider uses the OpenAI SDK pointed at DeepSeek’s API (base_url="https://api.deepseek.com")
  • Max output tokens per request: 4,096
  • System prompts are passed as a system role message
  • Retry with exponential backoff is automatic on API failures (3 attempts)
  • The OpenAI-compatible API means you can use any model ID that DeepSeek’s endpoint supports