Security & threat coverage
Bridgekeeper reduces and contains the attack classes detection alone misses. Coverage is maintained continuously — see the freshness changelog.
Protection current as of 2026-05-29 18:00 UTC
- 2026-05-29 — Indirect injection via retrieved markdown tables
- 2026-05-22 — Tool-call argument smuggling (nested JSON)
- 2026-05-14 — System-prompt exfiltration via translation request
| OWASP LLM risk | Bridgekeeper control |
|---|---|
| LLM01 Prompt Injection | Untrusted-content isolation + provenance tracking contain injected instructions. |
| LLM02 Insecure Output Handling | Outbound/exfiltration controls gate what the model can emit and where. |
| LLM06 Sensitive Information Disclosure | Provenance marks system/secret content non-disclosable. |
| LLM07 Insecure Plugin Design | Tool/function-call authorization gates privileged calls. |
| LLM08 Excessive Agency | Authorization + outbound control bound what actions the model can take. |