The OWASP LLM Top 10 is a useful risk map for LLM applications. This page should link to OWASP as the source and turn each risk into practical implementation questions.

| Risk family | Question to ask | Wiki follow-up |
|---|---|---|
| Prompt injection | Can untrusted instructions override the intended task boundary? | Document mitigations and test cases. |
| Sensitive information disclosure | Can prompts, logs, retrieval, or outputs leak protected data? | Record data handling and redaction rules. |
| Supply chain | Can models, plugins, datasets, or prompts be compromised upstream? | Track source, version, and trust boundary. |
| Excessive agency | Can the system act beyond its reviewed authority? | Define approvals, limits, and rollback paths. |
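As an added example (not from OWASP or this page), the Python sketch below makes the "excessive agency" follow-up concrete and doubles as a test fixture for the prompt injection row: tool calls proposed by untrusted context are confined to read-only tools, state-changing tools need reviewer approval and a per-session limit, and every allowed call records its rollback path. `ToolPolicy`, `AgencyGate`, the `source` labels and the sample tool list are assumptions, not part of any real agent framework.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

@dataclass
class ToolPolicy:
    """Reviewed authority for one tool (hypothetical policy record, constructed here)."""
    name: str
    requires_approval: bool          # must a reviewer enable it for this session?
    max_calls_per_session: int       # hard limit, independent of what the model asks for
    rollback: Optional[str] = None   # None = read-only, nothing to undo

@dataclass
class AgencyGate:
    policies: Dict[str, ToolPolicy]
    approved: Set[str] = field(default_factory=set)   # tools a reviewer approved this session
    calls: Dict[str, int] = field(default_factory=dict)
    audit: List[Tuple[str, str, Optional[str]]] = field(default_factory=list)

    def authorize(self, tool: str, source: str) -> Tuple[bool, str]:
        # `source` is the context that proposed the call: "system" for the trusted
        # prompt, anything else (user turn, retrieved document) for untrusted text.
        policy = self.policies.get(tool)
        if policy is None:
            return self._deny(tool, "tool not in reviewed allowlist")
        if source != "system" and policy.rollback is not None:
            # Untrusted text may request read-only tools but never state-changing ones;
            # this is the task boundary a prompt injection tries to cross.
            return self._deny(tool, "state-changing call requested by untrusted content")
        if policy.requires_approval and tool not in self.approved:
            return self._deny(tool, "needs reviewer approval")
        if self.calls.get(tool, 0) >= policy.max_calls_per_session:
            return self._deny(tool, "per-session call limit reached")
        self.calls[tool] = self.calls.get(tool, 0) + 1
        self.audit.append((tool, "allowed", policy.rollback))
        return True, "ok"

    def _deny(self, tool: str, reason: str) -> Tuple[bool, str]:
        self.audit.append((tool, "denied", reason))
        return False, reason

    def rollback_plan(self) -> List[str]:
        """Undo actions for every allowed state-changing call, newest first."""
        return [rb for tool, status, rb in reversed(self.audit) if status == "allowed" and rb]

# Constructed sample allowlist; real policies would come from the reviewed tool registry.
POLICIES = {
    "search_docs": ToolPolicy("search_docs", requires_approval=False, max_calls_per_session=20),
    "send_email": ToolPolicy("send_email", True, 2, rollback="recall message via mail API"),
    "delete_record": ToolPolicy("delete_record", True, 1, rollback="restore from soft-delete table"),
}
```

Each denial reason lands in `audit`, so the same object can feed the injection test cases the prompt injection row asks for: a retrieved document that asks for `send_email` should show up as a denied state-changing call, never as an allowed one.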