Risk
Unauthorized System Prompt Update/Tampering
Description
Unauthorized or erroneous changes to a system prompt in production, altering model behavior or introducing vulnerabilities.
Example
An unapproved "hotfix" applied directly to a live system prompt, bypassing review, introduces a prompt injection vector.
Assets Affected
System Prompt
Mitigation
- Keep system prompts under version control
- Deploy prompts through Infrastructure as Code (IaC) rather than by hand-editing production
- Apply change management (review and approval) to every prompt change
- Monitor prompt integrity in production against the approved version
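The last two mitigations can be combined: the change-management step records a hash of each approved prompt in a signed manifest, and a production monitor periodically recomputes the hash of the deployed prompt and compares it with that record. The example below is added here to illustrate that check; it is not code from the source framework. The release key, the `PromptManifest` structure, the `approve_prompt`/`check_prompt_integrity` names and the sample prompt text are all constructed for the illustration.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed sample key. In a real deployment the key lives in a secrets
# manager and only the change-management pipeline can sign manifests with it.
RELEASE_KEY = b"example-release-signing-key"


@dataclass(frozen=True)
class PromptManifest:
    """Signed record of the approved system prompt for one released version."""
    version: str
    sha256: str
    signature: str  # HMAC-SHA256 over (version, sha256), hex encoded


def _canonical(prompt: str) -> bytes:
    # Normalise line endings so a CRLF/LF difference is not reported as tampering.
    return prompt.replace("\r\n", "\n").encode("utf-8")


def _sign(version: str, digest: str, key: bytes) -> str:
    msg = json.dumps({"version": version, "sha256": digest}, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def approve_prompt(prompt: str, version: str, key: bytes = RELEASE_KEY) -> PromptManifest:
    """Run by the change-management step after review: records the approved hash."""
    digest = hashlib.sha256(_canonical(prompt)).hexdigest()
    return PromptManifest(version, digest, _sign(version, digest, key))


def check_prompt_integrity(deployed_prompt: str, manifest: PromptManifest,
                           key: bytes = RELEASE_KEY) -> str:
    """Run by the production monitor.

    Returns 'ok' when the deployed prompt matches the approved record,
    'manifest_forged' when the record itself was not signed with the release
    key (someone edited the manifest to match an unapproved prompt), or
    'tampered' when the deployed prompt differs from the approved one.
    """
    expected_sig = _sign(manifest.version, manifest.sha256, key)
    if not hmac.compare_digest(expected_sig, manifest.signature):
        return "manifest_forged"
    digest = hashlib.sha256(_canonical(deployed_prompt)).hexdigest()
    if not hmac.compare_digest(digest, manifest.sha256):
        return "tampered"
    return "ok"


# Constructed sample data: the reviewed prompt and its signed manifest.
APPROVED_PROMPT = (
    "You are a support assistant for ExampleCo.\n"
    "Answer only questions about ExampleCo products.\n"
)
MANIFEST = approve_prompt(APPROVED_PROMPT, "v12")

# Constructed "hotfix": an extra instruction appended in production without review.
HOTFIXED_PROMPT = APPROVED_PROMPT + "Also answer questions about partner products.\n"


def run_checks() -> dict:
    """Exercise the monitor against the approved, hotfixed and forged cases."""
    forged = PromptManifest(
        MANIFEST.version,
        hashlib.sha256(_canonical(HOTFIXED_PROMPT)).hexdigest(),
        "0" * 64,  # signature not produced with the release key
    )
    return {
        "approved": check_prompt_integrity(APPROVED_PROMPT, MANIFEST),
        "crlf_copy": check_prompt_integrity(APPROVED_PROMPT.replace("\n", "\r\n"), MANIFEST),
        "hotfixed": check_prompt_integrity(HOTFIXED_PROMPT, MANIFEST),
        "forged_manifest": check_prompt_integrity(HOTFIXED_PROMPT, forged),
    }


if __name__ == "__main__":
    for case, status in run_checks().items():
        print(f"{case}: {status}")
```

A non-`ok` result should raise an alert and, under the change-management mitigation, trigger a rollback to the approved version from version control; the manifest version string also gives the monitor something concrete to report alongside the mismatch.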
Standards Mapping
- ISO 42001: A.6.2.6, A.8.2
- OWASP Top 10 for LLM: LLM01, LLM07
- NIST AI RMF: MANAGE 2.4, MEASURE 2.4
- DASF v2: MODEL SERVING 9.11