§40 · Lane 8 — Agent Infrastructure Standards & Toolchain
OWASP Top 10 for LLM Applications the taxonomy underpinning the Implicit Authority Cascade
OWASP Gen AI Security Project (2025) · OWASP LLM Top 10
Bibliographic data
- Title
- OWASP Top 10 for Large Language Model Applications (2025)
- Authors / Issuing body
- OWASP Foundation — OWASP Gen AI Security Project
- Venue / Publisher
- OWASP Foundation
- Year
- 2025
- Designation
- Standards Framework
- Licence
- CC BY-SA 4.0 — refer to publisher for full licence terms.
- Canonical link
- https://genai.owasp.org/llm-top-10/
How to cite
OWASP Gen AI Security Project (2025). OWASP Top 10 for Large Language Model Applications (2025). OWASP Foundation. https://genai.owasp.org/llm-top-10/.
OWASP enumeration of the ten most critical security risks for LLM-integrated applications across the build, deploy and manage lifecycle. 2025 edition; LLM01 Prompt Injection through LLM10 Unbounded Consumption.
Why it matters for NETEVO
The OWASP LLM Top 10 is the community-curated failure-mode taxonomy for LLM-integrated applications. The 2025 edition enumerates the ten most critical security risks across the build, deploy and manage lifecycle, running from LLM01 Prompt Injection through LLM10 Unbounded Consumption.
Two entries map directly onto the Implicit Authority Cascade (IAC). LLM01 Prompt Injection names the failure mode in which an attacker reaches across the prompt boundary to redirect the agent; LLM06 Excessive Agency names the failure mode in which the agent is granted more authority than the task requires. The first describes how unintended instructions reach an agent; the second describes the surplus authority that makes those instructions consequential.
The taxonomy is re-issued on roughly a two-year cadence (2023, 2025) and is maintained under the OWASP Gen AI Security Project. Its URL is stable across editions, so references to the current edition remain durable.
Where NETEVO applies this
- Agent Infrastructure Whitepaper — load-bearing — four-dimension architecture cites LLM02, LLM06, LLM07, LLM08
- AI Governance in ANZ 2026 Whitepaper — supporting — LLM-specific risk framing