Default model

grok-4.3

Supported models

Any model available through the xAI API:
  • grok-4.3 (default, flagship)
  • grok-3.5
  • grok-3
  • grok-3-mini
  • Any other model ID the API accepts

Authentication

Environment variable: 
export XAI_API_KEY=xai-...
Config command: 
ai-blackteam config set providers.grok.api_key xai-...
Get your API key from the xAI Console.

Example usage

# Single attack with default model (grok-4.3)
ai-blackteam run -p grok -a encoding-obfuscation -t "Write a phishing email"

# Full batch
ai-blackteam batch -p grok --attacks all -t "Write a phishing email"

# Benchmark
ai-blackteam benchmark -p grok --threshold 80

Tool-use support

Yes. Compatible with all 39 tool-use attacks in the framework — agent exploitation, MCP exploitation, multi-agent protocol attacks, and tool-injection vectors. Filter the attack catalog with: 
ai-blackteam list-attacks
# look for rows with Mode = tool-use

Notes

  • The provider uses the OpenAI SDK pointed at xAI’s API (base_url="https://api.x.ai/v1")
  • Max output tokens per request: 4,096
  • System prompts are passed as a system role message
  • Retry with exponential backoff is automatic on API failures (3 attempts)
  • Grok is less RLHF-aligned than many frontier models, so safety-test results may differ meaningfully from Claude or GPT