llm-security
0This skill provides security rules for building secure large language model (LLM) applications based on the OWASP Top 10 for LLM Applications 2025. It is designed for developers and security professionals who want to ensure their LLM applications are secure.
000Updated 3w ago
Security
Quick InstallView Source
$ npx skills add https://github.com/semgrep/skills --skill llm-securityOverview
About This Skill
The llm-security skill provides developers with actionable security guidelines for building and securing large language model applications. It covers the OWASP Top 10 for LLM Applications 2025, addressing critical vulnerabilities including prompt injection, sensitive information disclosure, supply chain risks, data poisoning, and improper output handling. The skill is ideal when implementing RAG systems, securing AI/ML pipelines, or reviewing code that interacts with language models. It helps teams identify and mitigate high-impact risks like excessive agency, system prompt leakage, vector embedding weaknesses, and unbounded consumption attacks.
How to Use
Add the skill using the command: `$ npx skills add https://github.com/semgrep/skills --skill llm-security`
Use Cases
Automatically check for security risks in LLM applications.
Guide users in identifying security rules relevant to their LLM project.
Provide examples of secure code patterns and known vulnerabilities.
Tags
Setup & Installation
Quick Install
Terminal
$ npx skills add https://github.com/semgrep/skills --skill llm-securityAlternative Install (Git Clone)
git clone https://github.com/semgrep/skillsRequirements
- Claude Code or compatible AI agent
Quick Start Guide
1
Install the Skill
Copy the install command above and run it in your terminal.
2
Open Your AI Agent
Launch Claude Code, Cursor, or your preferred AI coding agent.
3
Try It Out
Use the prompt template or examples below to test the skill.
4
Customize
Adapt the skill to your specific use case and workflow.
Usage Examples
📝
No Examples Available
Check the GitHub repository or documentation for usage examples.
Apply to these tools
Browse all toolsSalt Security
Real-time API threat detection and prevention
Feroot Security
Automated compliance monitoring for 50+ regulations
Patchwork Security
Security patch notifications for servers
Gecko Security
AI-powered security engineer for vulnerability management
Hex Security
AI-powered offensive security automation
Abnormal Security
AI-driven email security with automated threat detection and fraud prevention.
Compatible MCP servers
Browse all MCP servers
Find the right skills for your stack
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan