Skip to content

Red-team strategy

Tree Search Prompt

tree-search

Creates a branching prompt with multiple exploration paths to find a successful attack vector. runAdaptive explores branches against a live target and prunes to the most effective path.

YAML config

evalguard.config.yaml
redteam:
  strategies:
    - tree-search

CLI

bash
# "tree-search" is layered onto attacks during red-team scans.
# List every available encoding/obfuscation strategy:
evalguard list strategies
Combine with attack plugins to generate adversarial payloads. The strategy wraps each base payload before it's sent to your target, testing whether the model decodes / unwraps the transform and follows the embedded instruction.

Threat-model fit

Automated search across attack-prompt variations (Tree-of-Attacks / TAP). Best when you don't know the exact attack the adversary will use; tree-search tries many variants and reports the most successful path.

Hand-written · 2026-05-21