Dimension · 5 questions

Prompt.

Injection testing, input validation, output filtering, OWASP LLM mapping, red-teaming.

Why this dimension matters

Prompt is where attackers meet your model. The Prompt dimension covers five interrelated controls: prompt-injection testing, input validation, output filtering, OWASP LLM Top 10 awareness and mapping, and red-teaming. Together they govern whether your AI deployments survive contact with adversarial input. OWASP LLM01 (Prompt Injection), LLM05 (Improper Output Handling), and LLM07 (System Prompt Leakage) all live here. The defining shift in this dimension is that classic application security practices (input validation, output encoding, threat modeling) must be re-applied to natural-language inputs and natural-language outputs. Most teams under-invest in this until an incident, then over-invest in tooling without process. The Posture Check helps separate signal from noise.

Posture Check questions for prompt

  1. Have you tested your AI deployments for prompt injection attacks?
    • 0 No testing
    • 1 Identified the risk, no action
    • 2 Informal manual testing
    • 3 Formal testing as part of release cycle
  2. Do you have input validation or sanitization in place for prompts before they reach the model?
    • 0 No validation
    • 1 Aware of the need
    • 2 Partial validation
    • 3 Comprehensive validation with documented rules
  3. Do you have output filtering or classification on AI responses before they reach end users?
    • 0 No filtering
    • 1 Identified the gap
    • 2 Partial filtering on specific use cases
    • 3 Comprehensive output classification and filtering
  4. Are you aware of the OWASP LLM Top 10 risks and have you mapped which apply to your deployments?
    • 0 Not aware
    • 1 Aware, no mapping
    • 2 Partial mapping
    • 3 Full mapping with mitigation plans
  5. Do you red-team your AI deployments before production launch?
    • 0 No red-teaming
    • 1 Identified the gap
    • 2 Informal red-teaming
    • 3 Formal red-teaming with documented methodology

Score yourself on prompt.

The free 30-question Posture Check measures all six dimensions. Get a per-dimension breakdown plus prioritized recommendations.
