AWS prescriptive-guidance medium security documentation change
Summary
Removed external link to Anthropic documentation while maintaining explanation of salted tags as defense against XML tag spoofing attacks
Security assessment
Explicitly documents mitigation (salted tags) against specific attack vector (XML tag spoofing) in LLM security context. Maintains security guidance while removing external reference.
Diff
diff --git a/prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md b/prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md index bb521fa3c..3d5133266 100644 --- a//prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md +++ b//prescriptive-guidance/latest/llm-prompt-engineering-best-practices/best-practices.md @@ -21 +21 @@ Securing an LLM-powered application requires specific guardrails to acknowledge -Some LLMs follow a template structure where information is wrapped in [XML tags](https://docs.anthropic.com/claude/docs/constructing-a-prompt#mark-different-parts-of-the-prompt) to help guide the LLM to certain resources such as conversation history or documents retrieved. Tag spoofing attacks try to take advantage of this structure by wrapping their malicious instructions in common tags, and leading the model into believing that the instruction was part of its original template. _Salted tags_ stop tag spoofing by appending a session-specific alphanumeric sequence to each XML tags in the form `<tagname-abcde12345>`. An additional instruction commands the LLM to only consider instructions that are within these tags. +Some LLMs follow a template structure where information is wrapped in XML tags to help guide the LLM to certain resources such as conversation history or documents retrieved. Tag spoofing attacks try to take advantage of this structure by wrapping their malicious instructions in common tags, and leading the model into believing that the instruction was part of its original template. _Salted tags_ stop tag spoofing by appending a session-specific alphanumeric sequence to each XML tags in the form `<tagname-abcde12345>`. An additional instruction commands the LLM to only consider instructions that are within these tags.