secure-ai

Secures AI integration layers through multi-layered defense, structural isolation, and zero-trust orchestration. Covers prompt injection defense, model output validation, agentic security, secure server actions, supply chain integrity, MCP tool security, and audit protocols for applications that interact with LLMs.

Aligned with the OWASP Top 10 for LLM Applications 2025 and the NIST AI Risk Management Framework (AI RMF 1.0). Provides coverage for all ten OWASP LLM risks with concrete defense patterns.

When to use: Securing LLM-powered features against prompt injection, validating and sanitizing model outputs before downstream use, implementing zero-trust for autonomous agents, hardening server actions for AI endpoints, securing MCP tool integrations, managing AI supply chain risks, auditing AI access patterns.

確保 AI 整合免遭快速注入、權限升級和資料外洩。在為 LLM 管道實施深度防禦、對自主代理應用零信任控制、強化與 AI 服務互動的伺服器操作、驗證模型輸出、保護 MCP 工具整合或審核 AI 系統存取模式和身分管理時使用。用於 OWASP LLM Top 10、即時注入防禦、代理安全、AI 供應鏈。 來源：oakoss/agent-skills。