How does this skill help with prompt injection?

It uses regex-based pattern matching and heuristic analysis to detect and block common injection techniques like instruction overrides, jailbreaks, and hidden Unicode characters.

Does it cover the entire OWASP LLM Top 10?

It provides specific mitigations, code patterns, and implementation guidance for all 10 categories, ranging from prompt injection to excessive agency and model theft.

Can it prevent the LLM from leaking internal system information?

The output sanitization feature scans for internal IP addresses, local hostnames, and sensitive URLs to prevent SSRF and accidental data disclosure.

Is it compliant with Dutch privacy laws?

Yes, it includes specific classifiers for Dutch PII (like BSN and IBAN) and specialized keywords to help meet AVG (GDPR) and BIO2 requirements.

LLM Security & OWASP Protection

Name: LLM Security & OWASP Protection
Author: djimit

bydjimit

•

Seguridad y Pruebas

Implements robust security controls for LLM applications based on OWASP Top 10 and Dutch government standards like BIO2 and AVG.

This skill provides specialized guidance and implementation patterns for securing Large Language Model (LLM) applications within sensitive environments, particularly for the Dutch government. It offers automated detection for prompt injection attacks, output sanitization to prevent XSS and SSRF, and advanced PII filtering and data classification to ensure compliance with AVG (GDPR) and BIO2 requirements. By integrating these security-by-design principles, developers can mitigate risks like model denial of service, excessive agency, and sensitive information disclosure while building reliable AI-driven services.

Características Principales

01Automated security testing and red teaming guidance

02Output sanitization for XSS, SSRF, and markdown injection

03PII and sensitive data classification for AVG/GDPR compliance

04Prompt injection and jailbreak detection patterns

05BIO2 and NIS2 alignment for government-grade security

061 GitHub stars

Casos de Uso

01Filtering PII and sensitive Dutch data before sending input to external LLM providers

02Securing public-facing government AI chatbots against malicious prompts

03Performing security audits and red teaming for GenAI applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add djimit/overheid-claude-plugins llm-security

For use in Claude.ai and ChatGPT

Características Principales

01Automated security testing and red teaming guidance

02Output sanitization for XSS, SSRF, and markdown injection

03PII and sensitive data classification for AVG/GDPR compliance

04Prompt injection and jailbreak detection patterns

05BIO2 and NIS2 alignment for government-grade security

061 GitHub stars

Casos de Uso

01Filtering PII and sensitive Dutch data before sending input to external LLM providers

02Securing public-facing government AI chatbots against malicious prompts

03Performing security audits and red teaming for GenAI applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add djimit/overheid-claude-plugins llm-security

For use in Claude.ai and ChatGPT