moai-ref-llm-security

Featured

AI/LLM defensive security reference: prompt-injection defense, OWASP LLM Top 10 defensive mapping, MCP and agentic tool-call hardening, training-data poisoning detection, model-output validation and guardrails, MITRE ATLAS defensive correlation, and NIST AI RMF governance. Agent-extending skill that amplifies backend, security, and AI-application engineering with production-grade defensive patterns for LLM-backed systems. NOT for: offensive techniques (jailbreak authoring, attack-payload crafting, red-team exploitation), model training or fine-tuning methodology, prompt optimization for capability, web-app OWASP Top 10 (see moai-ref-owasp-checklist), or general API design (see moai-ref-api-patterns).

AI & Automation 1,120 stars 207 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# LLM / AI Defensive Security Reference Defensive practitioner reference for hardening LLM-backed applications and agents. Every section is framed as defense, hardening, detection, or verification — it describes the misconfiguration, how to detect it, and how to prevent it, never how to exploit it. Cross-domain web-app vulnerabilities live in `moai-ref-owasp-checklist`; API design lives in `moai-ref-api-patterns`. ## Target Use Apply when reviewing or building an LLM-backed system — a chat product, a retrieval-augmented application, an autonomous agent, or an MCP server. The material assumes an untrusted-input threat model: any text the model reads (user turns, retrieved documents, tool results, file contents) may carry adversarial instructions, and any text the model emits may be acted on downstream. ## Trust Boundaries in an LLM System The core defensive insight: an LLM does not distinguish "data" from "instructions" the way a parser does. Treat every text channel that reaches the model as a boundary where adversarial instructions can enter. | Channel | Entry risk | Primary defense | |---------|-----------|-----------------| | End-user prompt | Direct prompt injection | Instruction-hierarchy enforcement, input screening | | Retrieved documents (RAG) | Indirect prompt injection | Provenance tagging, content isolation, retrieval allowlist | | Tool / function results | Injected instructions in tool output | Treat tool output as untrusted data, re-validate before re-promp...

Details

Author
modu-ai
Repository
modu-ai/moai-adk
Created
9 months ago
Last Updated
today
Language
Go
License
Apache-2.0

Integrates with

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

moai-ref-supply-chain

Software supply-chain defensive security reference: SBOM generation and verification (SPDX / CycloneDX), dependency-confusion defense, malicious-package triage playbook, SLSA provenance levels, Sigstore / cosign signing and verification, package-registry hardening, typosquatting defense, and transitive-dependency auditing. Agent-extending skill that amplifies backend, security, and release-engineering work with production-grade defensive patterns for the software supply chain. NOT for: offensive techniques (dependency-confusion attack execution, malicious package authoring, registry exploitation), LLM/AI-specific security (see moai-ref-llm-security), web-app OWASP Top 10 (see moai-ref-owasp-checklist), or general API design (see moai-ref-api-patterns).

1,120 Updated today
modu-ai
AI & Automation Featured

moai-ref-secops

DevSecOps, container, and API operational defensive security reference: CI/CD pipeline hardening, secret scanning, IaC misconfiguration detection, SAST/DAST integration, container image scanning, Kubernetes RBAC hardening, container-escape defense, runtime threat detection, OWASP API Top 10 operational defense, WAF rule tuning, and GraphQL/REST depth and rate limiting. Agent-extending skill that amplifies backend, security, and platform-engineering work with production-grade defensive patterns for pipelines, containers, and running APIs. NOT for: offensive techniques (exploit execution, container-escape attack steps, privilege-escalation procedures, attack tooling), dev-time web-app OWASP Top 10 (see moai-ref-owasp-checklist), LLM/AI security (see moai-ref-llm-security), supply-chain provenance and signing (see moai-ref-supply-chain), or general API design (see moai-ref-api-patterns).

1,120 Updated today
modu-ai
AI & Automation Solid

ai--llm-security

LLM and AI application security testing — prompt injection, jailbreak resistance, OWASP LLM Top 10 (2025), RAG and agent/tool-use security, model supply chain, and AI red teaming for authorized assessments

161 Updated 1 weeks ago
Masriyan