Technical risk

LLM application risks

LLM applications should be reviewed against the risk categories of the OWASP Top 10 for LLM Applications and against their own application-specific data flows.

Focus 1: Prompt injection

Treat model input channels and retrieved content as untrusted.

Focus 2: Sensitive information disclosure

Limit data exposure in prompts, logs, traces, and completions.

Focus 3: Supply chain

Pin dependencies, vet models, and monitor plugins, tools, and prompt assets.

Focus 4: Excessive agency

Constrain tool permissions and require confirmation for high-impact actions.
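A minimal tool-call gate that applies this focus, added here as an example and not code from the page: each tool is tagged with an impact level, an agent only gets the tools explicitly granted to it, arguments are validated, and high-impact tools are blocked until a human confirms the exact call. The tool names, the registry and the internal-domain rule are constructed placeholders.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Optional

class Impact(Enum):
    LOW = "low"    # read-only or reversible
    HIGH = "high"  # sends, spends or deletes: needs a human in the loop

@dataclass(frozen=True)
class ToolSpec:
    impact: Impact
    # Optional argument validator; returns an error string or None if fine.
    check_args: Optional[Callable[[dict], Optional[str]]] = None

def _email_args_ok(args: dict) -> Optional[str]:
    # Constructed constraint: only recipients in the internal domain may be mailed.
    to = str(args.get("to", ""))
    return None if to.endswith("@example.com") else f"recipient {to!r} outside allowed domain"

# Constructed tool registry (hypothetical tool names for this example).
REGISTRY = {
    "search_docs": ToolSpec(Impact.LOW),
    "send_email": ToolSpec(Impact.HIGH, _email_args_ok),
    "delete_records": ToolSpec(Impact.HIGH),
}

@dataclass(frozen=True)
class Decision:
    allowed: bool
    needs_confirmation: bool
    reason: str

def gate_tool_call(tool: str, args: dict, granted: frozenset, confirmed: bool = False) -> Decision:
    """Decide whether an agent may execute a tool call.

    granted:   tools this agent is permitted to use (least privilege).
    confirmed: True only after a human approved this exact call.
    """
    spec = REGISTRY.get(tool)
    if spec is None:
        return Decision(False, False, f"unknown tool {tool!r}")
    if tool not in granted:
        return Decision(False, False, f"{tool!r} not granted to this agent")
    if spec.check_args is not None:
        err = spec.check_args(args)
        if err:
            return Decision(False, False, err)
    if spec.impact is Impact.HIGH and not confirmed:
        return Decision(False, True, f"{tool!r} is high-impact; human confirmation required")
    return Decision(True, False, "allowed")
```

The gate is meant to sit between the model's proposed tool call and the executor, so a denied or unconfirmed decision never reaches the tool.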

Focus 5: Overreliance

Do not let generated outputs bypass review where correctness has legal, financial, or safety consequences.