The OWASP LLM Top 10 is a source-backed risk map for LLM applications. LlmWikis uses it as a security checklist for wiki pages, agent tools, retrieval pipelines, and handoff workflows.
| Risk family | Question to ask | Wiki follow-up |
|---|---|---|
| Prompt injection | Can untrusted instructions override the intended task boundary? | Document mitigations and test cases. |
| Sensitive information disclosure | Can prompts, logs, retrieval, or outputs leak protected data? | Record data handling and redaction rules. |
| Supply chain | Can models, plugins, datasets, or prompts be compromised upstream? | Track source, version, and trust boundary. |
| Excessive agency | Can the system act beyond its reviewed authority? | Define approvals, limits, and rollback paths. |
How to apply it to an LLM Wiki
- Keep raw sources immutable so prompt injection in a source cannot silently rewrite evidence.
- Mark untrusted source text before an agent uses it to update compiled wiki pages.
- Limit tool permissions during ingest and require explicit approval for destructive actions.
- Record security-sensitive decisions in the log with source, reviewer, and rollback notes.