By name: owasp-llm description: OWASP Top 10 for LLM Applications (2025) knowledge base for identifying, assessing, and remediating large language model security risks. license: CC-BY-SA-4.0 user-invocable: false metadata: authors: "OWASP LLM Applications Security Initiative" spec_version: "1.0" framework_revision: "1.0.0" last_updated: "2026-02-13" skill_based_on: "https://github.com/chris-buckley/agnostic-prompt-standard" content_based_on: "https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/"
OWASP® LLM Top 10 — Skill Entry
This SKILL.md is the entrypoint for the OWASP LLM Top 10 skill.
The skill encodes the OWASP Top 10 for LLM Applications (2025) as structured, machine-readable references that an agent can query to identify, assess, and remediate security risks in large language model systems.
Normative references (LLM Top 10)
- 00 Vulnerability Index
- 01 Prompt Injection
- 02 Sensitive Information Disclosure
- 03 Supply Chain
- 04 Data and Model Poisoning
- 05 Improper Output Handling
- 06 Excessive Agency
- 07 System Prompt Leakage
- 08 Vector and Embedding Weaknesses
- 09 Misinformation
- 10 Unbounded Consumption
Skill layout
SKILL.md— this file (skill entrypoint).references/— the LLM Top 10 normative documents.00-vulnerability-index.md— index of all vulnerability identifiers, categories, and cross-references.01through10— one document per vulnerability aligned with OWASP LLM Applications numbering.
Third-Party Attribution
Copyright © OWASP Foundation. OWASP® Top 10 for LLM Applications (2025) content is derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/ Modifications: Vulnerability descriptions restructured into agent-consumable reference documents with added detection and remediation guidance. OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.