What is OWASP LLM02 insecure output handling and how do I fix it?
OWASP LLM02 Sensitive Information Disclosure occurs when a Large Language Model (LLM) reveals sensitive data such as Personally Identifiable Information (PII), secrets, proprietary context, or another tenant's data in its output. This risk is often critical for customer-facing deployments.
To mitigate OWASP LLM02, implement the following controls:
- Input/output scrubbing & redaction: Actively remove or mask sensitive information from both the input provided to the LLM and the output generated by it.
- Data minimization in context: Limit the amount of sensitive data provided to the LLM to only what is strictly necessary for its function.
- Strict RAG-source scoping: When using Retrieval Augmented Generation (RAG), ensure that the sources from which the LLM retrieves information are strictly scoped to prevent access to sensitive data.
- Tenant isolation: Implement measures to ensure that data from one tenant cannot be inadvertently disclosed to another through the LLM's output.
- DLP on responses: Employ Data Loss Prevention (DLP) mechanisms on the LLM's responses to detect and prevent the outflow of sensitive information.
- No secrets in prompts: Avoid embedding any secrets or credentials directly within the prompts given to the LLM.
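The output scrubbing and response-DLP controls above, sketched as an added example (not code from this page or from OWASP). The detector patterns, the blocking policy and the function names are assumptions for illustration, and the sample text is constructed.

```python
import re

# Illustrative detectors (assumptions): tune them to your own data classes.
DETECTORS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "card_number": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
}
BLOCKING = {"aws_access_key_id", "private_key"}  # secrets: withhold the whole response
SAMPLE = "Contact jane.doe@example.com, card 4111 1111 1111 1111, order 1234 5678 9012 3456."  # constructed


def luhn_ok(candidate: str) -> bool:
    """Luhn checksum, used to skip digit runs that are not card numbers."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scrub_response(text: str):
    """Return (safe_text, findings); findings hold type names only, never matched values."""
    findings = []

    def make_sub(kind):
        def sub(match):
            if kind == "card_number" and not luhn_ok(match.group()):
                return match.group()  # e.g. an order number: leave it untouched
            findings.append(kind)
            return f"[REDACTED:{kind}]"
        return sub

    for kind, pattern in DETECTORS.items():
        text = pattern.sub(make_sub(kind), text)
    if BLOCKING & set(findings):
        return "This response was withheld by policy.", findings
    return text, findings


if __name__ == "__main__":
    print(scrub_response(SAMPLE))
```

Run the filter on every model response before it leaves the service, and log only the finding types so the DLP log does not itself become a store of sensitive values.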
Grounded in
- owasp_llm_top10
This AI-generated answer is for guidance only — not a certification, audit, or penetration test. Grounded in the NIST AI RMF, OWASP LLM Top 10, and ISO/IEC 42001 control text; verify applicability to your environment.