The OWASP Top 10 for Large Language Model Applications project aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing Large Language Models (LLMs). The project provides a list of the top 10 most critical vulnerabilities often seen in LLM applications, highlighting their potential impact, ease of exploitation, and prevalence in real-world applications. Examples of vulnerabilities include prompt injections, data leakage, inadequate sandboxing, and unauthorized code execution, among others. The goal is to raise awareness of these vulnerabilities, suggest remediation strategies, and ultimately improve the security posture of LLM applications. You can read our group charter for more information
Review the official 1.0.1 release (Full Version or Short Slides) to understand work that has been done to date.
This initiative is community-driven and encourages participation and contributions from all interested parties.
- We have a working group channel on the OWASP Slack, so please sign up and then join us on the #project-top10-for-llm channel.
- The working group is collaborating on our wiki
- Want to stay updated on periodic progress? Subscribe to our newsletter