VERSION 1.0 β’ JANUARY 2026
The minimum standard for shipping AI in production β 2026 and beyond. Open, free, and practical.
π Pre-Deployment Requirements
Complete these before any AI component goes to production.
β
Threat Model AI Components
Document attack surfaces specific to your AI/LLM integration. Include data flows, trust boundaries, and potential abuse scenarios.
CRITICAL
β
Prompt Injection Testing
Test for both direct (user input) and indirect (RAG/context) prompt injection vulnerabilities.
CRITICAL
β
Output Validation Rules
Define and implement filtering for AI outputs. Block PII, code injection, harmful content, and policy violations.
HIGH
β
Data Leakage Assessment
Test for training data extraction, PII disclosure, and sensitive business information leakage.
HIGH
β
Jailbreak Resistance Testing
Verify system prompt protection against role-playing, encoding tricks, and instruction override attempts.
MEDIUM
β CI/CD Integration
Automate security checks in your deployment pipeline.
β
Automated Security Scan on Every PR
Run LLM security scans when AI-related code changes. Block merge if critical vulnerabilities found.
CRITICAL
β
Security Gate Before Production
Require security sign-off for AI deployments. No production without passing security checks.
HIGH
β
Scheduled Production Scans
Daily or weekly automated scans on live AI endpoints. Alert on new vulnerabilities.
MEDIUM
name: AI Security Scan on: [pull_request] jobs: security-scan: runs-on: ubuntu-latest steps: - uses: xsource-sec/agentaudit-action@v1 with: target: ${{ secrets.AI_ENDPOINT }} mode: full fail-on: critical,high
GitHub Action coming Q1 2026. For now, use AgentAudit web interface or API.
π‘ Runtime Protection
Protect your AI in production with these controls.
β
Input Sanitization
Validate and sanitize all user prompts before sending to AI. Block known injection patterns.
CRITICAL
β
Output Filtering
Scan AI responses for PII, code, harmful content before displaying to users.
CRITICAL
β
Rate Limiting
Implement per-user and per-session limits. Prevent abuse and DoS attacks.
HIGH
β
Anomaly Detection
Monitor for unusual patterns: token spikes, repeated jailbreak attempts, data exfiltration patterns.
MEDIUM
π Compliance & Audit
Meet regulatory requirements and maintain audit trails.
β
AI Interaction Logging
Log all prompts and responses (with appropriate PII handling). Retain for compliance period.
HIGH
β
Incident Response Plan
Document procedures for AI security incidents: jailbreaks, data leaks, harmful outputs.
HIGH
β
Regular Security Reviews
Quarterly review of AI security posture. Update threat model as capabilities change.
MEDIUM
π― OWASP LLM Top 10 Coverage
How this baseline maps to the OWASP LLM Top 10 (2025).
| ID | Vulnerability | Baseline Coverage | AgentAudit |
|---|---|---|---|
| LLM01 | Prompt Injection | Pre-deployment testing, Runtime input sanitization | β 200+ vectors |
| LLM02 | Insecure Output Handling | Output validation rules, Runtime filtering | β Full |
| LLM03 | Training Data Poisoning | Threat modeling, Data assessment | β Partial |
| LLM04 | Model Denial of Service | Rate limiting, Anomaly detection | β Full |
| LLM05 | Supply Chain Vulnerabilities | Security reviews, CI/CD scanning | β Partial |
| LLM06 | Sensitive Information Disclosure | Data leakage assessment, Output filtering | β Full |
| LLM07 | Insecure Plugin Design | Threat modeling, MCP/RAG security | β MCP Scanner |
| LLM08 | Excessive Agency | Threat modeling, Runtime controls | β Agent Scanner |
| LLM09 | Overreliance | Output validation, Human review processes | β Partial |
| LLM10 | Model Theft | Access controls, Audit logging | β Partial |
πΊ Framework Mapping
How this baseline aligns with major compliance frameworks.
πͺπΊ EU AI Act
Risk assessment, documentation, human oversight, and transparency requirements for high-risk AI systems.
πΊπΈ NIST AI RMF
Map, Measure, Manage framework for AI risk. Covers governance, security, and trustworthiness.
π SOC 2
Security, availability, and confidentiality controls extended to AI systems.
π ISO 27001
Information security controls applied to AI data handling and processing.
π₯ HIPAA
PHI protection requirements for AI systems handling healthcare data.
π³ PCI DSS
Payment data security requirements for AI processing cardholder information.