LLM Security Testing

StackHawk’s LLM security testing detects critical vulnerabilities in applications that integrate Large Language Models (LLMs). These tests run as part of your existing DAST scans in CI/CD pipelines, identifying OWASP LLM Top 10 risks before they reach production.

Supported LLM Vulnerabilities

StackHawk tests for five critical OWASP LLM Top 10 vulnerabilities:

LLM01: Prompt Injection (Plugin ID: 40049)

Detects when attackers can manipulate prompts to override system instructions, bypass safety controls, or extract unauthorized information. Tests include attempts to jailbreak model restrictions and inject malicious instructions into user prompts.

LLM02: Sensitive Data Disclosure (Plugin IDs: 10009, 10024, 10062)

Identifies when LLMs leak customer PII, API keys, internal system details, or proprietary business logic through responses to crafted prompts. Combines existing data disclosure plugins with LLM-specific test patterns.

LLM05: Improper Output Handling (Plugin IDs: 40046, 10031, 20012, 90019)

Catches vulnerabilities where unvalidated LLM outputs are used in SQL queries, system commands, or API calls—effectively turning the LLM into an injection attack vector. Tests for SSRF, XSS, CSRF, and code injection through LLM responses.

LLM07: System Prompt Leakage (Plugin ID: 40049)

Finds when attackers can extract system instructions, hidden prompts, or internal configuration details, providing them with a roadmap for more sophisticated attacks.

LLM10: Unbound Consumption (Plugin ID: 40052)

Detects missing rate limits or resource controls that allow attackers to rack up excessive API costs or create denial-of-service conditions through resource exhaustion.

How to Enable LLM Testing

LLM security testing is controlled through scan policies. You can enable these tests by adding the relevant plugin IDs to your application’s testing policy. See Policy Management for more information.