OWASP LLM07 (2025) System Prompt Leakage

What is OWASP LLM07 (2025) System Prompt Leakage?

System prompt leakage is when crafted inputs coax the model into revealing instructions that were meant to stay private - safety rules, business logic, tool definitions, or internal routing.

What this looks like in production

Once attackers see your guardrails, the next attack is precise. Multi-turn reconnaissance can map an agent's full tool surface before anyone tries a single exploit.

What teams usually do about it

  • Do not store secrets in system prompts.
  • Assume prompts may leak; enforce policy at tools and infrastructure.
  • Include extraction attempts in red-team suites.

Further reading on Giskard

Official OWASP reference

Get AI security insights in your inbox