Back to Catalog
Owasp Llm
top10_2025
LLM01 - Prompt Injection
Adversaries manipulate model behavior by embedding malicious instructions in inputs.
Intent & Description
'
🎯 Intent
Prevent adversaries from manipulating LLM behavior through crafted inputs that bypass safety constraints.
📋 Context
LLMs process natural language inputs that can contain hidden instructions. Attackers embed malicious prompts to override system instructions, extract data, or trigger unauthorized actions.
💡 Solution
Implement input validation and sanitization. Use prompt firewalls. Separate system prompts from user inputs. Apply output filtering. Monitor for anomalous prompt patterns. Use guardrail frameworks.'
Real-world Use Case
Use when building any LLM-powered application that processes user inputs or external data.
📌 TL;DR
Prevent malicious prompt manipulation. Validate inputs, use prompt firewalls, separate system from user prompts.
Advantages
- Prevents unauthorized behavior changes
- Protects system prompt integrity
- Blocks data exfiltration attempts
- Maintains model safety constraints
Disadvantages
- No perfect defense exists yet
- May block legitimate edge-case inputs
- Requires continuous updating