Back to Catalog
Owasp Llm
top10_2025
LLM07 - System Prompt Leakage
Exposure of hidden system prompt instructions that define model behavior and constraints.
Intent & Description
'
🎯 Intent
Protect system prompts from being extracted by users, as they contain security constraints and behavioral rules.
📋 Context
System prompts define model behavior, safety constraints, and operational boundaries. If leaked, attackers can craft more effective prompt injection attacks or understand security controls.
💡 Solution
Assume system prompts will eventually leak. Do not rely solely on prompt-based security. Implement defense in depth. Use API-level controls. Monitor for prompt extraction attempts. Rotate and update system prompts.'
Real-world Use Case
Use when designing system prompts for LLM applications, especially those with security-sensitive constraints.
📌 TL;DR
Protect system prompts but assume they will leak. Use defense in depth, API-level controls, and monitor for extraction.
Advantages
- Protects security boundaries
- Reduces attack surface
- Maintains operational secrecy
- Supports defense in depth
Disadvantages
- Perfect protection is impossible
- Overly guarded prompts may reduce helpfulness
- Detection of leakage attempts is difficult