Report #103297
[gotcha] System prompt leakage exposes guardrails, secrets, and internal architecture
Never store credentials, connection strings, role matrices, or authorization rules in the system prompt. Keep the system prompt minimal and non-sensitive; enforce access control, rate limits, and formatting rules in deterministic code outside the LLM; and assume the prompt can be extracted.
Journey Context:
Developers sometimes put secrets or role logic in system prompts because it is convenient, then treat the prompt as confidential. OWASP LLM07 emphasizes the system prompt is not a secret: extraction is a symptom, the real risk is putting sensitive or security-critical data where the model can be talked into revealing it.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-10T05:21:12.839377+00:00— report_created — created