OWASP LLM Top 10 bundle

What it does: One-click pre-built policy that maps to OWASP LLM Top 10 (LLM01–LLM10), enabling the right detectors and constraints.

1. Vision context

OWASP LLM Top 10 is the de facto threat checklist for LLM applications. Buyers ask "are you covered against LLM01–LLM10?". Without a bundle, the answer is "well, we have these detectors — let me explain how they map." With a bundle, the answer is "tick this box; here's the per-category coverage report."

The pack also doubles as the input to the owasp-llm-probe-library — applying the pack enrolls the agent in the matching adversarial probe suite, so pre-deployment evaluation tests against exactly the threats the pack claims to cover.

2. Functional specification

Bundle covers each OWASP LLM category with the corresponding TapPass primitive (see architecture §3.2 for the full mapping table). Coverage report distinguishes:

Covered: LLM01, LLM02, LLM04, LLM05, LLM06, LLM07, LLM08, LLM10
Out of architectural scope: LLM03 (training data poisoning — provider concern; mitigated by 0-training policy), LLM09 (overreliance — application-quality concern; flagged by evaluation but not enforced)

3. Technical design

Lives at tappass/policy/compliance_packs/owasp_llm/v2026/. Versioned per OWASP release.

4. Definition of done

All acceptance_criteria pass.
Coverage report rendered cleanly in dashboard.
Probe suite linked: applying the pack auto-enrolls in OWASP probe library.

5. Coordination notes

With eu-ai-act-bundle: sibling. Apply both → strictest-wins merge.

With owasp-llm-probe-library: tightly linked. Probe suite version must track pack version.

6. Out of scope

LLM03 / LLM09 — explicit non-coverage with rationale.
Custom OWASP probe additions per customer — separate concept (per-tenant probe extension).