Skip to content

Red-team strategy

Repeated Token Flood

repeated-token

Tokenizer-flood robustness / DoS technique (Dropbox LLM-security research). Selects benign strings that round-trip to a single token and repeats them across an escalating ladder to destabilise generation. Pair with detectRepeatedTokenDivergence() to score runaway length / repetition / hallucinated citations.

YAML config

evalguard.config.yaml
redteam:
  strategies:
    - repeated-token

CLI

bash
# "repeated-token" is layered onto attacks during red-team scans.
# List every available encoding/obfuscation strategy:
evalguard list strategies
Combine with attack plugins to generate adversarial payloads. The strategy wraps each base payload before it's sent to your target, testing whether the model decodes / unwraps the transform and follows the embedded instruction.