AWS Security ChangesHomeSearch

AWS prescriptive-guidance medium security documentation change

Service: prescriptive-guidance · 2026-02-28 · Security-related medium

File: prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md

Summary

Removed external link to Anthropic documentation while maintaining explanation of salted tags as defense against XML tag spoofing attacks

Security assessment

Explicitly documents mitigation (salted tags) against specific attack vector (XML tag spoofing) in LLM security context. Maintains security guidance while removing external reference.

Diff

diff --git a/prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md b/prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md
index bb521fa3c..3d5133266 100644
--- a//prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md
+++ b//prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md
@@ -21 +21 @@ Securing an LLM-powered application requires specific guardrails to acknowledge
-Some LLMs follow a template structure where information is wrapped in [XML tags](https://docs.anthropic.com/claude/docs/constructing-a-prompt#mark-different-parts-of-the-prompt) to help guide the LLM to certain resources such as conversation history or documents retrieved. Tag spoofing attacks try to take advantage of this structure by wrapping their malicious instructions in common tags, and leading the model into believing that the instruction was part of its original template. _Salted tags_ stop tag spoofing by appending a session-specific alphanumeric sequence to each XML tags in the form `<tagname-abcde12345>`. An additional instruction commands the LLM to only consider instructions that are within these tags.
+Some LLMs follow a template structure where information is wrapped in XML tags to help guide the LLM to certain resources such as conversation history or documents retrieved. Tag spoofing attacks try to take advantage of this structure by wrapping their malicious instructions in common tags, and leading the model into believing that the instruction was part of its original template. _Salted tags_ stop tag spoofing by appending a session-specific alphanumeric sequence to each XML tags in the form `<tagname-abcde12345>`. An additional instruction commands the LLM to only consider instructions that are within these tags.