This is a security audit framework based on the 2025 OWASP Top 10 for LLM Applications, the industry standard for GenAI security risks. It walks you through assessing prompt injection, sensitive data disclosure, supply chain vulnerabilities, data poisoning, and six other critical threat categories specific to LLM systems. You get checklists and mitigation strategies for each risk area. Use it when you're hardening a RAG system, reviewing chatbot security before production, or conducting penetration tests on AI features. It's thorough but assumes you understand your application architecture well enough to map these risks to your specific setup. It's a good companion to the NIST AI RMF if you need broader risk management context.
npx skills add https://github.com/mastepanoski/claude-skills --skill owasp-llm-top10