OWASP LLM01 (2023) Prompt Injection

What is OWASP LLM01 (2023) Prompt Injection?

In the 2023/24 list, prompt injection was already the headline risk: attackers craft inputs that override developer instructions and push the model toward unintended actions.

What this looks like in production

Same family of attacks as LLM01 (2025) - direct overrides, indirect payloads in documents, and growing automation. The 2025 edition keeps the rank and expands mitigation guidance.

What teams usually do about it

  • See LLM01 (2025) for current production patterns and automated jailbreaks.

Further reading on Giskard

Official OWASP reference

Get AI security insights in your inbox