
llm-security

semgrep/skills

Security rules for building secure LLM applications, based on the OWASP Top 10 for LLM Applications 2025.

Installs: 159
Install command
npx skills add https://github.com/semgrep/skills --skill llm-security
About this skill
Security rules for building secure LLM applications, based on the OWASP Top 10 for LLM Applications 2025.

Proactive mode — When building or reviewing LLM applications, automatically check for relevant security risks based on the application pattern. You don't need to wait for the user to ask about LLM security.

Reactive mode — When the user asks about LLM security, use the mapping below to find relevant rule files with detailed vulnerable/secure code examples.

Use this to quickly identify which rules matter most for the user's task. See rules/_sections.md for the full index with OWASP/MITRE references.

- Identify what the user is building (see "What Are You Building?" below)
- Check the priority rules for that pattern
- Read the specific rule files from rules/ for code examples
- Apply the secure patterns or flag vulnerable ones

- LLM01: Prompt Injection (rules/prompt-injection.md) - Prevent direct and indirect prompt manipulation
- LLM02: Sensitive Information Disclosure (rules/sensitive-disclosure.md) - Protect PII, credentials, and proprietary data
- LLM03: Supply Chain (rules/supply-chain.md) - Secure model sources, training data, and dependencies
- LLM04: Data and Model Poisoning (rules/data-poisoning.md) - Prevent training data manipulation and backdoors
- LLM05: Improper Output Handling (rules/output-handling.md) - Sanitize LLM outputs before downstream use
- ...

Source description provided by the upstream skill listing. Community reviews and install context appear in the sections below.

Community Reviews

No community reviews yet.

FAQ
What does llm-security do?

Security rules for building secure LLM applications, based on the OWASP Top 10 for LLM Applications 2025.

Is llm-security good?

llm-security does not have approved reviews yet, so SkillJury cannot publish a community verdict.

What agent does llm-security work with?

llm-security currently lists compatibility with codex, gemini-cli, opencode, amp, github-copilot, claude-code.

What are alternatives to llm-security?

Skills in the same category include telegram-bot-builder, flutter-app-size, sharp-edges, iterative-retrieval.

How do I install llm-security?

npx skills add https://github.com/semgrep/skills --skill llm-security
