Mitigation ID: SAFE-M-23
Category: Preventive Control
Effectiveness: Medium
Implementation Complexity: Low
First Published: 2025-01-09
Tool Output Truncation limits the size of tool outputs before they reach the LLM to prevent overwhelming the context with potentially malicious content. This mitigation implements configurable limits on output length, with different thresholds based on tool privilege levels and data types. By constraining output size, it reduces the attack surface for prompt injection attempts that rely on large volumes of text to hide malicious instructions.
- SAFE-T1102: Prompt Injection (Multiple Vectors)
- SAFE-T1103: Indirect Prompt Injection
- SAFE-T1601: Context Window Saturation
[TO BE COMPLETED]
[TO BE COMPLETED]
| Version | Date | Changes | Author |
|---|---|---|---|
| 0.1 | 2025-01-09 | Initial documentation | Frederick Kautz |