Security specialty

Ai Security

Browse every cataloged workflow for ai security, with source context, tags, and security framework mappings intact.

Complete collection

Skills in this domain

14 skills

cybersecuritySkill

Assessing Vector and Embedding Weaknesses

Test vector stores for embedding inversion, cross-tenant leakage, and poisoning.

Ai Security
ai-securitydata-poisoningembedding-inversionmulti-tenant-isolation+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Auditing MCP Servers for Tool Poisoning

Scan Model Context Protocol servers and tool metadata for poisoning, SSRF, and unauthenticated exposure.

Ai Security
agent-securityai-securitymcpmcp-scan+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Continuous LLM Red Teaming with Promptfoo

Wire Promptfoo and DeepTeam into CI/CD for automated regression red-teaming of LLM apps against OWASP LLM Top 10 and OWASP Agentic presets, failing the build when jailbreak or injection vulnerabilities regress.

Ai Security
ai-securityci-cddeepteamjailbreak+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Defending LLMs with Guardrails

Deploy Llama Guard, NeMo Guardrails, and LLM Guard input/output scanners as runtime defenses.

Ai Security
ai-securitycontent-moderationllama-guardllm-guard+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Detecting AI Model Prompt Injection Attacks

Detects prompt injection attacks targeting LLM-based applications using a multi-layered defense combining regex pattern matching for known attack signatures, heuristic scoring for structural anomalies, and transformer-based classification with DeBERTa models. The detector analyzes user inputs before they reach the LLM, flagging direct injections (system prompt overrides, role-play escapes, instruction hijacking) and indirect injections (encoded payloads, multi-language obfuscation, delimiter-based escapes). Based on the OWASP LLM Top 10 (LLM01:2025 Prompt Injection) and Simon Willison's prompt injection taxonomy. Activates for requests involving prompt injection detection, LLM input sanitization, AI security scanning, or prompt attack classification.

Ai Security
input-validationllm-securitynlp-classificationowasp-llm-top10+1
ATT&CK, 5 mappingsNIST CSF, 4 mappingsATLAS, 5 mappingsD3FEND, 5 mappingsAI RMF, 5 mappings
cybersecuritySkill

Detecting Data and Model Poisoning

Identify poisoned training data and backdoored models across the ML pipeline.

Ai Security
activation-clusteringadversarial-robustness-toolboxai-securitydata-poisoning+4
ATLAS, 2 mappingsAI RMF, 1 mapping
cybersecuritySkill

Detecting Indirect Prompt Injection

Detect and defend against prompt injection hidden in documents, web pages, and images consumed by an agent.

Ai Security
agent-securityai-securitycontent-scanningindirect-prompt-injection+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Detecting Model Extraction Attacks

Detect model stealing, model inversion, and membership inference performed through inference-API abuse by monitoring query patterns, applying output perturbation, and red-teaming your own model's extractability.

Ai Security
ai-securityinference-apimembership-inferencemitre-atlas+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Implementing LLM Guardrails for Security

Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection, data leakage, toxic content generation, and hallucinated outputs. Builds a security validation pipeline using NVIDIA NeMo Guardrails Colang definitions, custom Python validators for PII detection and content policy enforcement, and the Guardrails AI framework for structured output validation. The guardrails system intercepts both user inputs (blocking injection attempts, stripping PII, enforcing topic boundaries) and model outputs (detecting hallucinations, filtering toxic content, validating JSON schema compliance). Activates for requests involving LLM output validation, AI content filtering, guardrail implementation, or LLM safety enforcement.

Ai Security
ai-safetyinput-validationllm-guardrailsnemo-guardrails+1
ATT&CK, 4 mappingsNIST CSF, 4 mappingsATLAS, 5 mappingsD3FEND, 5 mappingsAI RMF, 5 mappings
cybersecuritySkill

Orchestrating LLM Attacks with PyRIT

Build multi-turn, Crescendo, and Tree-of-Attacks-with-Pruning (TAP) automated attack chains against conversational LLM agents using Microsoft PyRIT, with adversarial chat and scorer feedback loops.

Ai Security
ai-securitycrescendojailbreakllm-red-teaming+4
ATLAS, 2 mappingsAI RMF, 1 mapping
cybersecuritySkill

Red-Teaming LLMs with garak

Run NVIDIA garak probe suites against an LLM endpoint to test for jailbreaks, prompt injection, data leakage, and toxic generation, then interpret the hit-rate report for triage and reporting.

Ai Security
ai-securitydata-leakagegarakjailbreak+4
ATLAS, 2 mappingsAI RMF, 1 mapping
cybersecuritySkill

Securing Agentic AI Tool Invocation

Apply least-privilege tool allowlisting, identity binding, and human-in-the-loop controls for agent tool calls.

Ai Security
agentic-aiai-securityhuman-in-the-loopidentity-binding+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Testing for System Prompt Leakage

Extract and defend system prompts plus embedded secrets and routing logic.

Ai Security
ai-securitydata-leakagegarakllm-red-team+4
ATLAS, 1 mappingAI RMF, 1 mapping
cybersecuritySkill

Testing Prompt Injection in RAG Pipelines

Probe RAG applications for prompt injection via poisoned retrieved context and embedding manipulation.

Ai Security
ai-securitygarakllm-red-teamingowasp-llm+4
ATLAS, 1 mappingAI RMF, 1 mapping