// Contribute
This is a community-driven repository. All content comes via GitHub pull requests.
Getting Started
# 1. Fork and clone
$ gh repo fork anandsureshworks/owasp-llm-top10 --clone
# 2. Install dependencies
$ npm install
# 3. Start dev server
$ npm run dev
# 4. Validate content
$ npm run velite
Content Types
content/writeups/llmXX/your-title.mdx
Research articles, vulnerability analyses, attack taxonomy. Required fields: title, description, owaspCategory, difficulty, severity, publishedAt.
content/labs/llmXX/your-lab.mdx
Hands-on challenges (CTF, guided, black-box, white-box). Required: title, owaspCategory, difficulty, challengeType, points, publishedAt.
content/demos/llmXX/your-demo.mdx
Interactive demonstrations using PromptPlayground, Sandpack, or SandboxedIframe components. Required: title, owaspCategory, demoType, publishedAt.
content/tools/llmXX/tool-name.mdx
Open-source tools for LLM security. Required: title, owaspCategory, owaspCategories, toolType, projectUrl, publishedAt.
Content Guidelines
- ›Content must be educational and defensive in nature
- ›No actual malware, working exploits against production systems, or credentials
- ›Labs and demos should use sandboxed/simulated environments
- ›Reference real CVEs and public disclosures where applicable
- ›All frontmatter must pass Velite schema validation (run npm run velite before PR)
- ›Follow responsible disclosure — do not include 0-days