LLM application assessment aligned to the OWASP LLM Top 10: prompt injection, insecure output handling, data leakage, excessive agency, and model DoS.
65 checks
LLM01 — attacker-controlled input that overrides, hijacks, or smuggles instructions into the model, whether supplied directly, embedded in retrieved content, hidden in media, or obfuscated past filters.
LLM02, LLM05, LLM07 — unsafe handling of model output in downstream sinks, leakage of sensitive training/runtime data, and extraction of the confidential system prompt.
LLM06 — risks from granting the model autonomy and tools: over-broad permissions, unsafe function-calling arguments, and remote code execution (RCE) through connected tools.
LLM03, LLM04, LLM08 — integrity of training data and model weights, RAG/embedding pipelines, and the model/plugin/dataset supply chain.
LLM09, LLM10 — resource exhaustion and cost/extraction attacks, misinformation/overreliance risk, and evasion of content filters and guardrails.