So we wrote the guide that bridges that gap. For each OWASP category:
- What real attacks look like (specific techniques, not just descriptions) - What to test for (checklists) - How to defend
Some things that stood out:
- 62 attacks map to LLM01 (Prompt Injection) alone — encoding bypasses, delimiter exploitation, RAG injection, multi-turn escalation - LLM06 (Excessive Agency) is where prompt injection meets real-world damage — confused deputy attacks, tool chaining, MCP tool poisoning - LLM07 (System Prompt Leakage) has 12 extraction techniques. "Repeat everything above" is the obvious one. PLeak optimized queries and differential behavioral analysis are not.
All attack references come from the open-source taxonomy: https://github.com/tachyonicai/tachyonic-heuristics
The guide: https://tachyonicai.com/blog/owasp-llm-top-10-guide/
0 comments