Red Team / Blue Team / Auditor Pipeline

Definition

The Red Team / Blue Team / Auditor pipeline is a three-agent adversarial review pattern. A Red Team agent attacks the target (proposing exploits or bypasses), a Blue Team agent defends (proposing mitigations and rebutting the attack), and an Auditor agent adjudicates the exchange and produces the graded finding. Splitting the roles forces an explicit attack-and-rebuttal record rather than a single model’s unchecked verdict.

When the target is an AI system, the Red Team agent draws its attack scenarios from a threat taxonomy rather than improvising: MITRE ATLAS supplies the catalog of adversarial techniques against AI that defines what the Red Team role attempts and what the Auditor grades coverage against.

Where it appears

AgentShield runs this pattern as its optional --opus mode: three Claude Opus 4.6 agents over a scanned Claude Code config tree, layered on top of the rule-based scan (see the announcement). It is one instance of the broader Adversarial Reflexion discipline, where a defender model is asked to prove or disprove its own findings before they are reported.

Seed page

Created to resolve dead links from the AgentShield pages. A fuller treatment would compare it to single-agent self-critique and to LLM-as-judge ensembles.