OWASP / www-project-top-10-for-large-language-model-applications


minor errors in 2025 RC #464

Closed GangGreenTemperTatum closed 1 week ago

GangGreenTemperTatum commented 1 week ago

from Mohit -> https://owasp.slack.com/archives/C06J29KUV7E/p1730793075189299

Remember, an issue is not the place to ask questions. You can use our Slack channel for that, or you may want to consult the following Slack channels:

When reporting an issue, please be sure to include the following:

Steps to Reproduce


  1. https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/blob/main/2_0_vulns/Release%20Candidates/Draft_LLMAll_en-US_regular_toc.pdf

What happens?


see below

What were you expecting to happen?


see below

Any logs, error output, etc?


Hi @Steve Wilson, the document (Release Candidate for the 2025 Top 10 List for LLM Apps) shared in the project Top for LLM looks impressive. Just a few minor observations:

Links:

  1. LLM 01 Prompt Injection, page 6: Reference link 2 (related to ChatGPT Cross Plugin Request Forgery) is not working well. Reference link 7 (related to ChatML for OpenAI Calls GitHub) is not working well.
  2. LLM 04 Data and Model Poisoning, page 20, Related Frameworks and Taxonomies: the first two have links, but the third one (related to AI model watermarking) is in plain text only. It is missing a link.
  3. LLM06:2025 Excessive Agency, page 27: Reference link 5 (related to LangChain) is not working.
  4. LLM 10 Unbounded Consumption, page 40, Related Frameworks and Taxonomies: links 3, 4, 5 and 8 are not working.

Spelling:

  1. LLM06:2025 Excessive Agency, page 25, Prevention and Mitigation Strategies, 2nd control: I think we're trying to say "Minimize" in place of "Minimine".

Scenario names:

  1. We have assigned names to scenarios for a few vulnerabilities, such as LLM 01, 02, 03 and 08. However, some vulnerabilities are missing scenario names. To ensure uniformity, I think we can either remove all scenario names or assign names for all vulnerabilities. I can also propose scenario names for the vulnerabilities that currently lack them.

OWASP Top 10 LLM Applications and Generative AI: 2025

LLM 01 Prompt Injection

  1. Reference link 2: ChatGPT Cross Plugin Request Forgery and Prompt Injection, Embrace the Red, https://embracethered.com/blog/posts/2023/chatgpt-cross-plugin-request-forgery-and-prompt-injection
  2. Reference link 7: ChatML for OpenAI API Calls, GitHub, https://github.com/openai/openai-python/blob/main/chatml.md

LLM06:2025 Excessive Agency

  1. Reference link 5: LangChain: Human-approval for tools, LangChain Documentation, https://python.langchain.com/docs/modules/agents/tools/how_to/human_approval/

LLM 10 Unbounded Consumption: Related Frameworks and Taxonomies

  1. Link 3: AML.T0029 – Denial of ML Service, MITRE ATLAS, https://atlas.mitre.org/tactics/AML.T0029
  2. Link 4: AML.T0034 – Cost Harvesting, MITRE ATLAS, https://atlas.mitre.org/tactics/AML.T0034
  3. Link 5: AML.T0025 – Exfiltration via Cyber Means, MITRE ATLAS, https://atlas.mitre.org/tactics/AML.T0025
  4. Link 8: OWASP Resource Management, OWASP Secure Coding Practices, https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/latest/secp212.html

Any other comments?


github-actions[bot] commented 1 week ago

👋 Thanks for reporting! Please ensure labels are applied appropriately to the issue so that the workflow automation can triage this to the correct member of the core team