Comprehensive LLM security assessment against OWASP Top 10 for LLM Applications 2025. Use when reviewing LLM-integrated applications, RAG pipelines, chatbots, AI agents, or GenAI features. Covers prompt injection, data poisoning, supply chain, excessive agency, and more with real-world attack scenarios and testing methodologies.
Instalação
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Comprehensive LLM security assessment against OWASP Top 10 for LLM Applications 2025. Use when reviewing LLM-integrated applications, RAG pipelines, chatbots, AI agents, or GenAI features. Covers prompt injection, data poisoning, supply chain, excessive agency, and more with real-world attack scenarios and testing methodologies.
allowed-tools
Read, Grep, Glob, Bash, WebFetch, Agent
LLM Risk Assessment (2025)
Comprehensive evaluation of LLM applications against OWASP Top 10 for LLM Applications 2025. Follow the detailed procedure in plays/llm-risk-assess.md.
Steps
Architecture & Threat Modeling
Map LLM provider (OpenAI, Anthropic, local models)
Document data flows: user input → preprocessing → prompt construction → LLM → output processing → actions
Identify RAG components, tool integrations, memory systems
Define trust boundaries and attack surfaces
Automated Security Testing
Run prompt injection probes (Garak, Giskard, custom scripts)
Test output handling vulnerabilities
Scan for secrets in prompts and configurations
Validate vector database security
Assess All 10 OWASP LLM 2025 Risks with attack scenarios: