common-llm-security
OWASP LLM Top 10 (2025) audit checklist for AI applications, agent tools, RAG pipelines, and prompt construction. Use when performing any security review touching LLM client code, prompt templates, agent tools, or vector stores. (triggers: LLM security, prompt injection, agent security, RAG security, AI security, openai, anthropic, langchain, LLM review)
90
87%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description with excellent trigger term coverage and completeness. It clearly defines both what the skill does and when to use it, with a well-defined niche in LLM security auditing. The main weakness is that the specificity of concrete actions could be improved—it describes the scope (audit checklist) but doesn't enumerate specific actions like identifying prompt injection vulnerabilities or validating tool permission boundaries.
Suggestions
Add 2-3 specific concrete actions to improve specificity, e.g., 'Identifies prompt injection risks, validates tool permission boundaries, reviews RAG retrieval sanitization, and checks for sensitive data exposure in LLM pipelines.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (OWASP LLM Top 10 audit) and mentions specific areas like RAG pipelines, prompt construction, agent tools, but doesn't list concrete actions beyond 'audit checklist'. It tells you what it covers but not specific actions it performs (e.g., 'checks for prompt injection vulnerabilities, validates input sanitization, reviews tool permission boundaries'). | 2 / 3 |
Completeness | Clearly answers both 'what' (OWASP LLM Top 10 audit checklist for AI applications, agent tools, RAG pipelines, prompt construction) and 'when' (Use when performing any security review touching LLM client code, prompt templates, agent tools, or vector stores) with explicit trigger terms listed. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms including both conceptual terms ('LLM security', 'prompt injection', 'agent security', 'RAG security', 'AI security') and tool-specific terms ('openai', 'anthropic', 'langchain'). These are terms users would naturally use when requesting a security review of LLM applications. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive niche focused specifically on LLM/AI security auditing using the OWASP LLM Top 10 framework. The combination of security review + LLM-specific technologies creates a clear, non-overlapping domain that is unlikely to conflict with general security or general AI skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured, concise security checklist that efficiently communicates the OWASP LLM Top 10 with clear prioritization and workflow. Its main weakness is the lack of concrete code examples showing vulnerable vs. safe patterns, which would make it more immediately actionable for code review tasks. The progressive disclosure and workflow clarity are excellent for a checklist-style skill.
Suggestions
Add 1-2 concrete code examples showing vulnerable patterns vs. safe alternatives (e.g., string concatenation into prompts vs. separate user turn, or an uncapped agent loop vs. one with a depth limit) to improve actionability.
Consider adding a brief 'safe pattern' code snippet for the top anti-patterns (prompt concat, raw output in sinks) since these are the most commonly encountered issues during review.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Every token earns its place. The checklist is lean, uses a table for density, avoids explaining what LLMs or OWASP are, and assumes Claude's competence. No unnecessary preamble or concept explanations. | 3 / 3 |
Actionability | The checklist provides clear detection signals and anti-patterns, but lacks executable code examples (e.g., showing a vulnerable prompt concat vs. safe separate-turn pattern, or a concrete max_tokens enforcement snippet). The guidance is specific but not copy-paste ready. | 2 / 3 |
Workflow Clarity | Clear prioritized sequence (check LLM01 first, then LLM06), explicit marking system (✅/⚠️/🔴), and a concrete scoring consequence (P0 caps at 40/100). For a checklist-style skill, the workflow is unambiguous and well-sequenced. | 3 / 3 |
Progressive Disclosure | Clean overview in the main file with a single well-signaled reference to references/owasp-llm.md for full detection signals. One level deep, clearly navigable, and content is appropriately split between overview and detail. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- HoangNguyen0403/agent-skills-standard
- Commit
19a1140
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.