OWASP AST10 - New Risk Entry Form

📌 Basic Information

Risk ID *

Next available: AST11 (AST01-AST10 are taken)

Risk Title *

Severity *

Platforms Affected *

📖 Description

Description *

Explain what the risk is and how it manifests in agentic skills.

Why It's Unique to Skills

🔍 Evidence & Attack Scenarios

Real-World Evidence

Include citations and dates where possible.

Attack Scenarios

Describe concrete attack scenarios with examples.

🛡️ Mitigations

Preventive Mitigations *

Code Examples

Use markdown code blocks with language specification.

🔗 Framework Mappings

OWASP Mapping

MAESTRO Layer Mappings

Layer 1: Foundation Models Layer 2: Data & Knowledge Layer 3: Agent Frameworks Layer 4: Deployment & Infrastructure Layer 5: Evaluation & Observability Layer 6: Security & Compliance Layer 7: Agent Ecosystem

MAESTRO Layer Details

🖥️ Platform-Specific Mitigations

OpenClaw Platform Guidance

Claude Code Platform Guidance

Cursor Platform Guidance

VS Code Platform Guidance

📚 Related Risks & References

Related Risks

References

Use markdown link format: [Title](URL)

📄 Generated Markdown Output

Copy this markdown and save it as astXX.md in the project root.

// Fill out the form and click "Generate Markdown" to see output here...

📊 Form Summary

Complete the form to see a summary here.

🛡️ OWASP AST10 - New Risk Entry Form