Reporting
AI Red Team Report Structure
Executive Summary
- Number and severity of findings
- Overall risk assessment
- Top 3 most critical issues with business impact
- Key recommendations
Methodology
- Frameworks used (OWASP LLM Top 10, MITRE ATLAS)
- Scope and rules of engagement
- Tools and techniques employed
- Test duration and coverage
Findings
For each finding:

| Field | Content |
|---|---|
| Title | Clear, descriptive name |
| OWASP LLM ID | LLM01-LLM10 classification |
| MITRE ATLAS ID | AML.T0051, etc. |
| Severity | Critical / High / Medium / Low / Informational |
| Description | What the vulnerability is |
| Reproduction Steps | Exact prompts, copy-paste reproducible |
| Proof of Concept | Screenshots, model responses |
| Impact | What an attacker can achieve |
| Affected Component | System prompt, RAG pipeline, tool integration, etc. |
| Recommendation | Specific, actionable remediation |

Severity Rating Guide

| Severity | Criteria |
|---|---|
| Critical | Data exfiltration, unauthorized actions, multi-user impact |
| High | System prompt extraction with credentials, reliable jailbreak |
| Medium | Partial system prompt leak, inconsistent jailbreak |
| Low | Information disclosure without sensitive data |
| Informational | Theoretical risk, defense recommendations |
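
One way to enforce the finding fields and severity scale above before a report ships, and to derive the Executive Summary counts and top 3 from them. This is an added example, not part of the original template; the ATLAS ID pattern, the helper names and all sample findings are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Field names and severity levels are copied from the two tables on this page.
REQUIRED = ["Title", "OWASP LLM ID", "MITRE ATLAS ID", "Severity", "Description",
            "Reproduction Steps", "Proof of Concept", "Impact",
            "Affected Component", "Recommendation"]
SEVERITIES = ["Critical", "High", "Medium", "Low", "Informational"]
OWASP_RE = re.compile(r"LLM(0[1-9]|10)")          # LLM01 .. LLM10
ATLAS_RE = re.compile(r"AML\.T\d{4}(\.\d{3})?")   # assumed ID shape, e.g. AML.T0051

def validate(finding):
    """Return a list of problems; an empty list means the finding is report-ready."""
    problems = [f"missing or empty field: {k}" for k in REQUIRED
                if not str(finding.get(k, "")).strip()]
    if finding.get("Severity") not in SEVERITIES:
        problems.append(f"unknown severity: {finding.get('Severity')!r}")
    if not OWASP_RE.fullmatch(str(finding.get("OWASP LLM ID", ""))):
        problems.append("OWASP LLM ID must be LLM01-LLM10")
    if not ATLAS_RE.fullmatch(str(finding.get("MITRE ATLAS ID", ""))):
        problems.append("MITRE ATLAS ID does not match AML.T####")
    return problems

def executive_summary(findings):
    """Roll valid findings up into counts, highest severity and the top 3 titles."""
    valid = [f for f in findings if not validate(f)]
    counts = Counter(f["Severity"] for f in valid)
    ranked = sorted(valid, key=lambda f: SEVERITIES.index(f["Severity"]))  # stable sort
    return {
        "counts": {s: counts[s] for s in SEVERITIES if counts[s]},
        "highest": ranked[0]["Severity"] if ranked else None,
        "top3": [f["Title"] for f in ranked[:3]],
        "rejected": [f.get("Title") or "<untitled>" for f in findings if validate(f)],
    }

def sample_finding(title, severity, owasp="LLM01", repro="exact prompts go here"):
    finding = {k: "placeholder" for k in REQUIRED}  # constructed placeholder values
    finding.update({"Title": title, "Severity": severity, "OWASP LLM ID": owasp,
                    "MITRE ATLAS ID": "AML.T0051", "Reproduction Steps": repro})
    return finding

SAMPLE = [  # constructed findings, not results from a real engagement
    sample_finding("Partial system prompt leak", "Medium"),
    sample_finding("Tool integration performs unauthorized action", "Critical"),
    sample_finding("Reliable jailbreak", "High"),
    sample_finding("Inconsistent jailbreak", "Medium"),
    sample_finding("Jailbreak without reproduction steps", "High", repro=""),
    sample_finding("Finding with invalid classification", "Low", owasp="LLM11"),
]
```

Calling `executive_summary(SAMPLE)` keeps incomplete findings out of the counts and lists them under `rejected`, so a finding without copy-paste reproduction steps is caught before it reaches the report.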