OWASP LLM
Sentinel findings can be triaged using the OWASP Top 10 for LLM Applications v2025 risk language. This page maps rule IDs to risk categories that management, AppSec, and engineering can share.
OWASP LLM mapping connects Sentinel rule IDs to the LLM01-LLM10 risk language, giving executive summaries, compliance reports, and engineering issues a shared vocabulary.
Mapping
| OWASP | Risk | Sentinel coverage |
|---|---|---|
| LLM01:2025 | Prompt Injection | Prompt firewall, Jinja2 templates, GGUF chat templates |
| LLM02:2025 | Sensitive Information Disclosure | Secrets, output firewall, RAG fixtures, logs |
| LLM03:2025 | Supply Chain | Artifact scanners, HuggingFace intake, OCI, CVE, manifests |
| LLM04:2025 | Data and Model Poisoning | Model provenance, manifest integrity, suspicious metadata |
| LLM05:2025 | Improper Output Handling | Output firewall, template rendering, downstream code paths |
| LLM06:2025 | Excessive Agency | MCP permissions, tool manifests, network egress |
| LLM07:2025 | System Prompt Leakage | Prompt fixtures, template secret exposure, output guardrails |
| LLM08:2025 | Vector and Embedding Weaknesses | RAG context leakage, poisoned documents, retrieval boundaries |
| LLM09:2025 | Misinformation | Eval evidence, model provenance, report review workflow |
| LLM10:2025 | Unbounded Consumption | Size limits, archive ratio, tensor dimensions, model DoS |
Source: OWASP Top 10 for LLM Applications v2025.
Workflow
Compliance checking is not a pentest by itself, but it shows which technical finding supports which AI risk class. Use OWASP labels in executive summaries and Sentinel rule IDs in technical appendices.
sentinel compliance check . --framework owasp-llm
Coverage boundaries
Sentinel strengthens static signals, artifact safety, prompt/agent checks, and CI evidence. Live exploit chains, business-logic abuse, and human approval flows still require manual security validation.
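The rollup described under Workflow, as an added example that is not Sentinel's own code: it groups findings under the OWASP categories from the mapping table, lets one finding support several categories, and marks categories with no static finding as needing manual validation. The finding schema, the `area` field and the `EXAMPLE-*` rule IDs are assumptions made for illustration.

```python
from collections import defaultdict

# Coverage areas copied (lowercased) from the mapping table on this page.
OWASP_COVERAGE = {
    "LLM01:2025": ("Prompt Injection", {"prompt firewall", "jinja2 templates", "gguf chat templates"}),
    "LLM02:2025": ("Sensitive Information Disclosure", {"secrets", "output firewall", "rag fixtures", "logs"}),
    "LLM03:2025": ("Supply Chain", {"artifact scanners", "huggingface intake", "oci", "cve", "manifests"}),
    "LLM04:2025": ("Data and Model Poisoning", {"model provenance", "manifest integrity", "suspicious metadata"}),
    "LLM05:2025": ("Improper Output Handling", {"output firewall", "template rendering", "downstream code paths"}),
    "LLM06:2025": ("Excessive Agency", {"mcp permissions", "tool manifests", "network egress"}),
    "LLM07:2025": ("System Prompt Leakage", {"prompt fixtures", "template secret exposure", "output guardrails"}),
    "LLM08:2025": ("Vector and Embedding Weaknesses", {"rag context leakage", "poisoned documents", "retrieval boundaries"}),
    "LLM09:2025": ("Misinformation", {"eval evidence", "model provenance", "report review workflow"}),
    "LLM10:2025": ("Unbounded Consumption", {"size limits", "archive ratio", "tensor dimensions", "model dos"}),
}
# Constructed findings: rule IDs and the "area" field are hypothetical, not Sentinel's real output schema.
FINDINGS = [
    {"rule_id": "EXAMPLE-001", "area": "output firewall", "severity": "high"},
    {"rule_id": "EXAMPLE-002", "area": "model provenance", "severity": "medium"},
    {"rule_id": "EXAMPLE-003", "area": "Secrets", "severity": "critical"},
    {"rule_id": "EXAMPLE-004", "area": "unmapped scanner", "severity": "low"},
]
SEVERITY_ORDER = ["low", "medium", "high", "critical"]

def rollup(findings):
    """Return (summary, unmapped): per-category rule IDs and worst severity, plus rule IDs with no category."""
    by_cat, unmapped = defaultdict(list), []
    for f in findings:
        area = f["area"].strip().lower()
        cats = [c for c, (_, areas) in OWASP_COVERAGE.items() if area in areas]
        if not cats:  # keep unmapped findings visible instead of silently dropping them
            unmapped.append(f["rule_id"])
        for c in cats:  # one finding may support more than one risk class
            by_cat[c].append(f)
    summary = {}
    for cat, (risk, _) in OWASP_COVERAGE.items():
        hits = by_cat.get(cat, [])
        summary[cat] = {
            "risk": risk,
            "rule_ids": sorted(h["rule_id"] for h in hits),  # goes in the technical appendix
            "worst": max((h["severity"] for h in hits), key=SEVERITY_ORDER.index, default=None),
        }
    return summary, unmapped

if __name__ == "__main__":
    summary, unmapped = rollup(FINDINGS)
    for cat, s in summary.items():
        print(cat, s["risk"], s["rule_ids"] or "no static finding; validate manually", s["worst"])
    print("unmapped rule IDs:", unmapped)
```

An empty category in this summary means no static signal was recorded, not that the risk is absent.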
Eresus support
Turn the finding into an action your team can actually close.
If you need exploit evidence, prioritization, remediation direction, and retesting for OWASP LLM and AI security compliance, Eresus can help scope the work with your team.