Scaling Safety for Text-to-Image and Image-to-Image Generation Through Red Teaming
Ongoing expert-led red teaming helps FLUX, one of the world's most advanced generative AI image models, stay resilient against NCII, deepfakes, and child safety risks across every model release.
Scaling Safety for Text-to-Image Generation Through Red Teaming

Company Size
Industry
About

“Responsible model development is a top priority for us, and we value working with partners who help us uncover and address risks with care and expertise.”
Black Forest Labs, developer of FLUX, one of the world’s most advanced image generation models, partnered with Alice to support its responsible development practices across a range of model releases. In a series of red teaming exercises, our SMEs crafted hundreds of adversarial prompts to probe potential vulnerabilities. The findings informed retraining and enforcement improvements, helping the client meet tight release deadlines while addressing high-impact risks like NCII and child safety.
The result: Safer generative AI outputs, maintained creative fidelity, and greater resilience against prompt injection and adversarial misuse across text-to-image and image-to-image generation.
Challenge
Like many generative AI systems, FLUX faces evolving challenges around content safety, misuse, and policy compliance. Bad actors have developed increasingly sophisticated prompt and input engineering techniques designed to bypass these protections. These attempts have grown both more frequent and more difficult to anticipate.
Black Forest Labs approached Alice to identify potential vulnerabilities for further mitigation. Early, pre-safety-tuned checkpoints of the model showed susceptibility to malicious prompts or inputs, including inappropriate deepfakes, sexually explicit imagery, and non-consensual intimate imagery (NCII).
While internal safety evaluations were conducted, Black Forest Labs recognized the value of external evaluation to uncover hidden vulnerabilities and proactively address emerging risks.
The company sought a proactive, rigorous solution to:
- Detect edge-case failures and alignment gaps.
- Identify vulnerabilities related to child safety, NCII, and inappropriate deepfakes.
- Improve policy enforcement and retraining inputs.
- Keep pace with emerging abuse tactics being openly shared online.
How Alice Helped
To uncover safety vulnerabilities and stay ahead of emerging threats, Black Forest Labs partnered with ALice to implement a tailored AI Red Teaming program focused on adversarial stress-testing.
The effort centered on expert-led manual red teaming, with adversarial prompts crafted by subject matter experts (SMEs) to target potential weaknesses and bypasses. These prompts were designed to probe edge cases, policy boundaries, and areas of known concern, such as NCII and child safety. All resulting model outputs were persisted to Amazon S3 for durable, scalable storage, enabling efficient cross-sprint analysis and traceability.
The process included:
- Crafting hundreds of nuanced prompts designed to test the limits of the model’s initial safeguards.
- Leveraging subject-matter experts to identify blind spots, alignment failures, and safety policy gaps.
- Collaborating closely with the client to align on risk thresholds, safety guidelines, and content boundaries
This bespoke approach allowed for deeper analysis of the model’s behavior and surfaced vulnerabilities that informed retraining by Black Forest Labs, policy refinement, and broader risk mitigation efforts.
The Results
Alice’s Red Teaming program played a critical role in Black Forest Labs’ pre-launch decision-making process, with structured adversarial testing sprints conducted ahead of major updates and launches.
Through adversarial testing cycles, the company was able to:
- Map the risk landscape.
- Surface high-risk outputs and edge-case failures missed by traditional safety mechanisms.
- Strengthen detection and mitigation of sensitive content, including NCII and child safety risks.
- Generate clear, data-driven inputs for policy enforcement and model retraining.
- Maintain user experience and creative quality while systematically improving safety alignment.
This process enabled the client to release with confidence, stay ahead of emerging abuse tactics, and reinforce trust and resilience in a fast-evolving threat landscape.
Trusted by security and product teams in the world's most regulated industries
Alice brings years of adversarial intelligence expertise to AI security. We give enterprise teams the coverage that generic guardrails and one-time audits can't match.
Get a demoWhat’s New from Alice
Curiouser Soundbites: What a Former Google Cloud CISO Wants Leaders to Know About AI
Everyone's watching the flood of new AI vulnerabilities. Former Google Cloud CISO Phil Venables is watching something else, and it's the shift leaders can't afford to miss.
The Former Google Cloud CISO's Take on AI, Agents, and What Comes Next
There's a lot of noise around AI and security right now, and not many people who can cut through it the way Phil Venables can. He was CISO at Goldman Sachs, then the first CISO for Google Cloud, and he's now a partner at Ballistic Ventures. In this episode, he tells us why attackers scaling up worries him more than the vulnerabilities themselves, what trust even means when an agent is acting in your environment, and why the answer to most of this comes back to the same fundamentals we've leaned on for years.
It Takes AI to Break AI: The Case for AI Red Teaming
As AI systems gain autonomy, organizations need security approaches built specifically for AI behavior. Learn why AI-driven red teaming is becoming a critical defense layer.
Demystifying AI Red Teaming
Your AI passed every check. That doesn't mean it's safe. Learn how to red team AI systems before adversaries find the gaps you missed.
