§40 · Lane 8 — Agent Infrastructure Standards & Toolchain
OWASP Top 10 for LLM Applications
OWASP Gen AI Security Project (2025) · OWASP LLM Top 10
Bibliographic data
- Title
- OWASP Top 10 for Large Language Model Applications (2025)
- Authors / Issuing body
- OWASP Foundation — OWASP Gen AI Security Project
- Venue / Publisher
- OWASP Foundation
- Year
- 2025
- Designation
- standards-framework
- Licence
- CC BY-SA 4.0 — refer to publisher for full licence terms.
- Canonical link
- https://genai.owasp.org/llm-top-10/
How to cite
OWASP Gen AI Security Project (2025). OWASP Top 10 for Large Language Model Applications (2025). OWASP Foundation. https://genai.owasp.org/llm-top-10/.
OWASP enumeration of the ten most critical security risks for LLM-integrated applications across the build, deploy and manage lifecycle. 2025 edition; LLM01 Prompt Injection through LLM10 Unbounded Consumption.
Why it matters for NETEVO
The OWASP LLM Top 10 is the community-curated failure-mode taxonomy for LLM-integrated applications. NETEVO clients implementing or auditing LLM workflows expect findings mapped against it, and the Agent Infrastructure Whitepaper already cites LLM02, LLM06, LLM07 and LLM08 in its four-dimension architecture.
Two list entries are the load-bearing public anchors for the Implicit Authority Cascade coinage: LLM01 Prompt Injection names the failure mode where an attacker reaches across the prompt boundary to redirect the agent; LLM06 Excessive Agency names the failure mode where the agent is granted more authority than the task requires. Both map directly onto the IAC concept.
The taxonomy is re-issued on roughly a two-year cadence (2023, 2025). NETEVO tracks the OWASP Gen AI Security Project for new editions; the URL is stable across editions for evergreen references.
Where NETEVO applies this
- Agent Infrastructure Whitepaper — load-bearing — four-dimension architecture cites LLM02, LLM06, LLM07, LLM08
- AI Governance in ANZ 2026 Whitepaper — supporting — LLM-specific risk framing