llm-top-10

SKILL.md

OWASP Top 10 for LLM Applications (2025) — Security Review Skill

1. When to Use

If a target is provided via arguments, focus the review on: $ARGUMENTS

Invoke this skill when any of the following triggers are present:

  • LLM API integration code is being added or modified (OpenAI, Anthropic, Google Gemini, Azure OpenAI, Cohere, Mistral, local model endpoints).
  • RAG (Retrieval-Augmented Generation) pipelines are under review — embedding generation, vector store queries, context assembly, or document ingestion flows.
  • Chatbot or conversational AI deployments are being built, including system prompt configuration, session management, or tool/function-calling setups.
  • AI feature pull requests introduce prompt templates, completion parsing, agent orchestration, or model output rendering.
  • Infrastructure changes involve model serving (vLLM, TGI, Ollama), fine-tuning pipelines, training data management, or embedding databases (Pinecone, Weaviate, Chroma, pgvector).
  • Security architecture reviews or threat models include an LLM component.

Do NOT invoke this skill for traditional web application reviews that have no LLM or generative AI component.


First Seen: May 4, 2026
llm-top-10 — unitoneai/securityskills