ConsultingWorkbench-backed AI security engagements — map, attack, defend, and prove your AI systems.

OWASP GenAI Security Project

LLM Top 10

Risk categories, attack patterns, and governance dimensions for LLM security engineering.

10 Risks
18 ATLAS refs
6 Dimensions
29 NIST links

Move from risk labels to engineering work: prompt injection, disclosure, supply chain, poisoning, output handling, agency, leakage, embeddings, misinformation, and resource abuse.

OWASP GenAI Security
Public-safe

AI risk landscape

LLM01: Prompt Injection
LLM02: Sensitive Information Disclosure
LLM03: Supply Chain
LLM04: Data and Model Poisoning
LLM05: Improper Output Handling
LLM06: Excessive Agency
LLM07: System Prompt Leakage
LLM08: Vector and Embedding Weaknesses
LLM09: Misinformation
LLM10: Unbounded Consumption

ai language
security trust
remediation opportunity

Top 10 browser

OWASP LLM risks, compact and interactive.

Search by risk, filter by AI Trust Governance dimensions, and inspect the mapped ATLAS and NIST signals without leaving the page.

LLM01 (risk, public-safe, critical)

Prompt Injection

Treat instructions and data as separate trust zones, constrain tools, and test against direct and indirect injection.

Scorecard dimensions

ai language
security trust
remediation opportunity

Public-safe boundary

Public framework metadata, derived crosswalks, cautious claim language. No restricted text or certification implication.

Private engagement

Turn framework mapping into governance evidence.

Use these framework maps to scope evidence prompts, maturity gaps, and remediation work across AI governance, security, and product risk. A governance evidence sprint produces artifacts your buyers and board can act on.