Default model

gpt-5.5

Supported models

Any model available through the OpenAI API:
  • gpt-5.5 (default)
  • gpt-4o
  • gpt-4o-mini
  • Any other model ID the API accepts

Authentication

Environment variable:
export OPENAI_API_KEY=sk-...
Config command:
ai-blackteam config set providers.openai.api_key sk-...
Get your API key from the OpenAI Platform.

Example usage

# Single attack with default model (gpt-5.5)
ai-blackteam run -p openai -a encoding-obfuscation -t "Write a phishing email"

# Full batch with GPT-4o
ai-blackteam batch -p openai --model gpt-4o --attacks all -t "Write a phishing email"

# Benchmark
ai-blackteam benchmark -p openai --threshold 80

Tool-use support

Yes. Compatible with all 39 tool-use attacks in the framework, agent exploitation, MCP exploitation, multi-agent protocol attacks, and tool-injection vectors all work with GPT models. Filter the attack catalog with:
ai-blackteam list-attacks
# look for rows with Mode = tool-use
The provider converts ai-blackteam’s tool format to OpenAI’s function calling format automatically.

Notes

  • Max output tokens per request: 4,096 (via max_completion_tokens)
  • The provider uses the official openai Python SDK
  • System prompts are passed as a system role message
  • User field: Every API call includes a user field set to "ai-blackteam-safety-eval" per OpenAI’s usage policy. This identifies the request as a safety evaluation, not a production user query.
  • Retry with exponential backoff is automatic on API failures (3 attempts)
  • If no API key is provided via config or env var, the SDK falls back to its own default resolution (e.g. OPENAI_API_KEY in the environment)