This skill provides security rules for building secure large language model (LLM) applications based on the OWASP Top 10 for LLM Applications 2025. It is designed for developers and security professionals who want to ensure their LLM applications are secure.
The llm-security skill provides developers with actionable security guidelines for building and securing large language model applications. It covers the OWASP Top 10 for LLM Applications 2025, addressing critical vulnerabilities including prompt injection, sensitive information disclosure, supply chain risks, data poisoning, and improper output handling. The skill is ideal when implementing RAG systems, securing AI/ML pipelines, or reviewing code that interacts with language models. It helps teams identify and mitigate high-impact risks like excessive agency, system prompt leakage, vector embedding weaknesses, and unbounded consumption attacks.
Add the skill using the command: `$ npx skills add https://github.com/semgrep/skills --skill llm-security`
Automatically check for security risks in LLM applications.
Guide users in identifying security rules relevant to their LLM project.
Provide examples of secure code patterns and known vulnerabilities.
`$ npx skills add https://github.com/semgrep/skills --skill llm-security`
`git clone https://github.com/semgrep/skills`
Copy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Generate a secure-by-design implementation plan for an LLM application handling [SENSITIVE_DATA_TYPE] in the [INDUSTRY] sector. Follow the OWASP Top 10 for LLM Applications 2025 guidelines, focusing on [SPECIFIC_RISK_AREA]. Include threat modeling, mitigation strategies, and code snippets if applicable.
# Secure LLM Implementation Plan for [COMPANY]
## Executive Summary
This plan addresses **prompt injection risks** in our customer support AI assistant for a healthcare SaaS platform. The system processes PHI (Protected Health Information) and must comply with HIPAA regulations while maintaining usability.
## Threat Model
**Primary Risks Identified:**
- *Prompt Injection*: Malicious users attempting to extract PHI via crafted prompts
- *Data Leakage*: Unauthorized exposure of patient records through model responses
- *Inference Attacks*: Reconstructing sensitive patterns from model outputs
## Mitigation Strategies
### 1. Input Sanitization Layer
```python
import re


class SecurityException(Exception):
    """Raised when a prompt matches a prohibited pattern."""


def sanitize_input(user_prompt: str) -> str:
    # Reject prompts that look like attempts to pull records or credentials out of the assistant.
    forbidden_patterns = [
        r"(?i)extract.*(patient|health|medical|record)",
        r"(?i)list.*(all|every|complete).*user",
        r"(?i)show.*(password|ssn|credit)",
    ]
    for pattern in forbidden_patterns:
        if re.search(pattern, user_prompt):
            raise SecurityException("Input contains prohibited patterns")
    return user_prompt
```
### 2. Contextual Output Filtering
Implemented a dual-stage verification system:
- **Stage 1**: Model outputs are scanned for PHI patterns using regex
- **Stage 2**: Human review queue for high-risk responses (e.g., answers containing "patient", "diagnosis", or "treatment")
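The dual-stage output filter described above, written out as an added example (not part of the generated plan or the semgrep skill): Stage 1 redacts PHI-shaped values with regex, Stage 2 routes responses containing the listed high-risk terms to a human review queue. The PHI patterns, the `FilterResult` type and the sample response are constructed for this example.

```python
import re
from dataclasses import dataclass, field

# Stage 1: patterns that indicate PHI leaking into a model response.
# Constructed for this example; a real deployment would tune and extend these.
PHI_PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "mrn": re.compile(r"\bMRN[:#]?\s*\d{6,10}\b", re.IGNORECASE),
    "dob": re.compile(r"\b(?:DOB|date of birth)[:\s]+\d{1,2}/\d{1,2}/\d{4}\b", re.IGNORECASE),
}

# Stage 2: terms whose presence routes the response to a human reviewer (from the plan above).
HIGH_RISK_TERMS = ("patient", "diagnosis", "treatment")


@dataclass
class FilterResult:
    text: str                                        # response after redaction
    redactions: list = field(default_factory=list)   # PHI categories that were redacted
    needs_review: bool = False                       # True when held for the human review queue
    review_reasons: list = field(default_factory=list)


def filter_output(response: str) -> FilterResult:
    """Redact PHI in a model response and decide whether a human must review it before release."""
    result = FilterResult(text=response)
    # Stage 1: redact every PHI match and record which categories were hit.
    for label, pattern in PHI_PATTERNS.items():
        if pattern.search(result.text):
            result.text = pattern.sub(f"[REDACTED-{label.upper()}]", result.text)
            result.redactions.append(label)
    # Stage 2: flag high-risk vocabulary for human review.
    lowered = result.text.lower()
    for term in HIGH_RISK_TERMS:
        if re.search(rf"\b{term}\b", lowered):
            result.review_reasons.append(term)
    # Any redaction or high-risk term holds the response in the review queue instead of returning it.
    result.needs_review = bool(result.redactions or result.review_reasons)
    return result


if __name__ == "__main__":
    # Constructed sample response containing a fake SSN and MRN.
    sample = "The patient record shows SSN 123-45-6789 and MRN: 00123456."
    print(filter_output(sample))
```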
### 3. Rate Limiting & Monitoring
- Implemented a 5 requests/minute limit per user session
- Real-time anomaly detection for unusual query patterns
- Automated blocking for >3 failed authentication attempts
## Compliance Checklist
- [x] OWASP LLM-01: Prompt Injection (Mitigated via input sanitization)
- [ ] OWASP LLM-02: Insecure Output Handling (Pending UAT)
- [x] OWASP LLM-03: Training Data Poisoning (Prevented via data pipeline controls)
## Next Steps
1. Conduct penetration testing with simulated attack vectors
2. Implement model watermarking for output verification
3. Schedule quarterly security audits
**Last Updated:** 2024-11-15
**Owner:** Security Team
**Approved by:** CISO