Matteo Meucci
006e4e9ee0
Fix image filename for indirect prompt injection test
Updated infographics
2026-06-01 10:45:49 +02:00
Matteo Meucci
f4afba420b
Add files via upload
2026-06-01 10:44:44 +02:00
Matteo Meucci
647c3065c2
Merge pull request #71 from didier-durand/fix-typos-c
[Doc] Fixing typos in diverse files
2026-06-01 10:31:45 +02:00
Matteo Meucci
29836cde90
Merge pull request #73 from prasunsrivastav123-lang/clarify-aitg05-aitg12-scope
Clarify scope separation between AITG-APP-05 and AITG-APP-12
2026-06-01 10:31:16 +02:00
ppcvote
5e942cabca
AITG-APP-05: add 6 output-injection vector categories (XSS-beyond-script-tags / SQLi / Shell / Path / MD-image-exfil / Unicode-smuggling)
The existing AITG-APP-05 test scenario covers content-level safety
categories (1-10) and a single XSS attack vector (test 11), but the doc's
summary explicitly identifies application-level risks (XSS, SSRF,
injections) as a major category and the framework page #28 has an
open request for "more examples of web exploits enabled by output."
Adds six new payload categories (tests 12-17) covering the
application-level injection vectors not yet documented:
12. XSS beyond `<script>` tags — event handlers, javascript: URIs,
data:text/html URIs, iframe `srcdoc`, SVG-embedded scripts.
13. SQL injection in output — destructive statements, UNION-based
exfiltration, comment-bypass payloads.
14. Shell command injection in output — `curl … | sh` installers,
destructive `rm -rf`, reverse shells, env-var exfiltration.
15. Path traversal to sensitive system files — Unix `etc/passwd`/
`etc/shadow`, Windows `system32`, container `proc/self`.
16. Markdown image exfiltration — model-emitted external image with
conversation content in the query string.
17. Unicode smuggling — homoglyphs and bidirectional overrides used
to slip security-relevant tokens past byte-level filters.
Each entry follows the existing test format (probe prompts + a
"Response indicating vulnerability" line) and references the OWASP
LLM02:2025 mapping that the doc already cites.
Closes (partially) #28; cross-references #76.
2026-06-01 14:44:46 +08:00
Eduardo Vasconcelos
4e8c15f925
Fix typo in 2.0_Threat_Modeling_for_AI_Systems.md
2026-03-03 12:22:00 -03:00
Eduardo Vasconcelos
76ff08d832
Fix typo in 1.3_Objectives_of_AI_Testing_Guide.md
2026-02-19 17:24:26 -03:00
Prasun Srivastav
3ceb89cf30
Clarify scope separation between AITG-APP-05 and AITG-APP-12
2025-12-24 02:07:10 +05:30
Didier Durand
f804b268bb
[Doc] Fixing typos in diverse files
2025-12-20 06:44:38 +01:00
Didier Durand
ef3a09c32c
[Doc] Fixing typos in diverse files
2025-12-19 13:10:21 +01:00
Didier Durand
85ac17208c
[Doc] Fixing typos in diverse files
2025-11-27 06:41:33 +01:00
Matteo Meucci
11ca7ab1ba
Update 1.1_Preface_and_Contributors.md
2025-11-26 17:53:56 +01:00
Matteo Meucci
128176a039
Update 1.1_Preface_and_Contributors.md
2025-11-26 13:09:02 +01:00
Matteo Meucci
3d052f9506
Update AITG-DAT-05_Testing_for_Data_Minimization_and_Consent.md
2025-11-23 18:22:33 +01:00
Matteo Meucci
8121287524
Update AITG-DAT-04_Testing_for_Harmful_Content_in_Data.md
2025-11-23 18:21:31 +01:00
Matteo Meucci
951d177d6b
Update AITG-DAT-03_Testing_for_Dataset_Diversity_and_Coverage.md
2025-11-23 18:19:49 +01:00
Matteo Meucci
17df60379f
Update AITG-APP-10_Testing_for_Content_Bias.md
2025-11-23 18:12:55 +01:00
Matteo Meucci
13408c2e2e
Update AITG-APP-10_Testing_for_Content_Bias.md
2025-11-23 18:11:51 +01:00
Matteo Meucci
68fdc4bd38
Update and rename 4.0_Appendix_and_References.md to 4.0_Appendices_and_References.md
2025-11-23 17:49:10 +01:00
Matteo Meucci
6643995587
Update README.md
2025-11-23 17:48:24 +01:00
Matteo Meucci
37c18dd79e
Update AITG-MOD-07_Testing_for_Goal_Alignment.md
2025-11-23 17:42:29 +01:00
Matteo Meucci
519528e512
Update AITG-MOD-06_Testing_for_Robustness_to_New_Data.md
2025-11-23 17:40:35 +01:00
Matteo Meucci
41082ce1ef
Update AITG-MOD-05_Testing_for_Inversion_Attacks.md
2025-11-23 17:39:00 +01:00
Matteo Meucci
47bdc39d4b
Update AITG-MOD-04_Testing_for_Membership_Inference.md
2025-11-23 13:52:10 +01:00
Matteo Meucci
8de2087c04
Update AITG-MOD-03_Testing_for_Poisoned_Training_Sets.md
2025-11-23 13:51:01 +01:00
Matteo Meucci
4882826a0b
Update AITG-MOD-03_Testing_for_Poisoned_Training_Sets.md
2025-11-23 13:50:37 +01:00
Matteo Meucci
a5485eab40
Update AITG-MOD-02_Testing_for_Runtime_Model_Poisoning.md
2025-11-23 13:49:44 +01:00
Matteo Meucci
c4fe008037
Update AITG-MOD-01_Testing_for_Evasion_Attacks.md
2025-11-23 13:48:15 +01:00
Matteo Meucci
3182f0b488
Update AITG-INF-06_Testing_for_Dev-Time_Model_Theft.md
2025-11-23 13:46:38 +01:00
Matteo Meucci
39b8438ada
Update AITG-INF-05_Testing_for_Fine-tuning_Poisoning.md
2025-11-23 13:45:48 +01:00
Matteo Meucci
401014af9f
Update AITG-APP-11_Testing_for_Hallucinations.md
2025-11-23 13:42:17 +01:00
Matteo Meucci
85816fa277
Update AITG-APP-12_Testing_for_Toxic_Output.md
2025-11-23 13:41:49 +01:00
Matteo Meucci
a3f22404f1
Update AITG-APP-10_Testing_for_Content_Bias.md
2025-11-23 13:40:09 +01:00
Matteo Meucci
f5f1c06034
Update AITG-APP-09_Testing_for_Model_Extraction.md
2025-11-23 13:38:38 +01:00
Matteo Meucci
a64b7a1c04
Update AITG-APP-06_Testing_for_Agentic_Behavior_Limits.md
2025-11-23 13:35:38 +01:00
Matteo Meucci
bf552d20f1
Update AITG-APP-05_Testing_for_Unsafe_Outputs.md
2025-11-23 13:34:17 +01:00
Matteo Meucci
73dece2825
Update AITG-APP-04_Testing_for_Input_Leakage.md
2025-11-23 13:33:29 +01:00
Matteo Meucci
101a10d0db
Update AITG-APP-03_Testing_for_Sensitive_Data_Leak.md
2025-11-23 13:32:18 +01:00
Matteo Meucci
c0245bdd39
Update AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md
2025-11-23 13:30:50 +01:00
Matteo Meucci
159ac5963c
Update AITG-APP-01_Testing_for_Prompt_Injection.md
2025-11-23 13:29:41 +01:00
Matteo Meucci
4a952555ce
Update AITG-APP-01_Testing_for_Prompt_Injection.md
2025-11-23 13:18:49 +01:00
Matteo Meucci
b544960cf2
Update AITG-APP-08_Testing_for_Embedding_Manipulation.md
2025-11-23 13:17:00 +01:00
Matteo Meucci
e01b09906d
Create TestTemplate.md
2025-11-23 13:12:35 +01:00
Matteo Meucci
09c0427de9
Update AITG-APP-05_Testing_for_Unsafe_Outputs.md
2025-11-23 12:23:32 +01:00
Matteo Meucci
03ee8abb72
Update AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md
2025-11-23 12:16:27 +01:00
Matteo Meucci
ae1adcc05e
Update AITG-APP-01_Testing_for_Prompt_Injection.md
2025-11-23 12:15:58 +01:00
Matteo Meucci
07a2550021
Update 4.0_Appendix_and_References.md
2025-11-23 12:14:00 +01:00
Matteo Meucci
53c4386c0e
Update 2.1.2_Identify_RAI_threats.md
2025-11-23 12:12:02 +01:00
Matteo Meucci
9299293118
Update 2.1.1_Architectural_Mapping_of_OWASP_Threats.md
2025-11-23 12:11:23 +01:00
Matteo Meucci
08e4ce6eed
Update 2.0_Threat_Modeling_for_AI_Systems.md
2025-11-23 12:10:01 +01:00