Implementation:Promptfoo Promptfoo doRedteamRun
| Knowledge Sources | |
|---|---|
| Domains | Security_Testing, Configuration |
| Last Updated | 2026-02-14 08:00 GMT |
Overview
Concrete tool for orchestrating a complete red team security scan from configuration to graded results, provided by the Promptfoo framework.
Description
The doRedteamRun function is the top-level orchestrator for red team scans. It loads the config, delegates to doGenerateRedteam to synthesize adversarial test cases, then calls doEval to execute them against the target and grade results. It supports abort signals, configurable concurrency, and both file and cloud-based configurations.
Usage
Import this function for programmatic red team execution. It is also the handler for the CLI `promptfoo redteam run` command.
Code Reference
Source Location
- Repository: promptfoo
- File: src/redteam/shared.ts
- Lines: L21-186
Signature
export async function doRedteamRun(
options: RedteamRunOptions,
): Promise<Eval | undefined>
Import
import { doRedteamRun } from './redteam/shared';
I/O Contract
Inputs
| Name | Type | Required | Description |
|---|---|---|---|
| options.config | string | No | Path to red team config YAML file |
| options.output | string | No | Output file path for results |
| options.maxConcurrency | number | No | Maximum concurrent API calls |
| options.liveRedteamConfig | any | No | Cloud-sourced configuration object |
| options.abortSignal | AbortSignal | No | Signal for cancelling the operation |
Outputs
| Name | Type | Description |
|---|---|---|
| (return) | Eval or undefined | Evaluation record with vulnerability results, or undefined on failure |
Usage Examples
CLI-Style Red Team Run
import { doRedteamRun } from './redteam/shared';
const evalResult = await doRedteamRun({
config: './redteamconfig.yaml',
output: './redteam-results.json',
maxConcurrency: 4,
});
if (evalResult) {
console.log(`Found vulnerabilities in ${evalResult.results.length} tests`);
}