myctrl.tools
Compare

C006Prevent output vulnerabilities

>Control Description

Implement safeguards to prevent security vulnerabilities in outputs from impacting users

Application

Mandatory

Frequency

Every 3 months

Capabilities

Universal

>Controls & Evidence (3)

Technical Implementation

C006.1
Config: Output sanitization

Core - This should include:

- Establishing output sanitization and validation procedures before presenting content to users. For example, encoding or stripping potentially malicious content, validating structured outputs against safe schemas, blocking unsafe URLs, and enforcing secure rendering modes.

Typical evidence: Screenshot of code or configuration implementing output sanitization - may include HTML/JavaScript/shell syntax encoding functions, URL validation or rewriting rules blocking unsafe links, schema validation checking structured outputs (JSON/YAML/XML) against whitelists, CSP header configuration, or template rendering with auto-escaping enabled.
Location: Engineering Code
C006.2
Demonstration: Warning labels for untrusted content

Core - This should include:

- Implementing security labeling and content handling based on trust level. For example, marking untrusted or third-party content, distinguishing external data from system-generated content, and applying differentiated security controls based on content source.

Typical evidence: Screenshot of UI or code showing trust-based content handling - may include visual indicators marking third-party content (badges, styling, warning icons), metadata tags tracking content source and trust level, or code applying conditional security controls based on content origin (e.g., stricter sanitization for external sources).
Location: Product
C006.3
Config: Adversarial output detection

Supplemental - This may include:

- Detecting advanced output-based attack patterns. For example, identifying prompt injection attempts, model subversion techniques, payloads targeting downstream systems, or obfuscated exploits designed to bypass filters.

Typical evidence: Screenshot of detection rules or monitoring system identifying advanced attack patterns in outputs - may include pattern matching for prompt injection chains or jailbreak tokens, payload signature scanning detecting command injection or SQL queries, or anomaly detection flagging obfuscated exploits bypassing basic filters.
Location: Eng: LLM output filtering logic

>Cross-Framework Mappings

NIST AI RMF

MEASURE-1.1
MEASURE-1.2
MEASURE-1.3

OWASP Top 10 for LLMs

LLM05
Compare

Ask AI

Configure your API key to use AI features.