Back to portfolio
Specialized Expertise
6+ YRS · ADVANCED DEFENSE

AI & GenAI Security

6+ years pioneering AI/GenAI security assessments, uncovering novel vulnerabilities in LLMs and securing AI-driven architectures.

What I deliver

  • Prompt injection, jailbreak & data-leak testing
  • RAG pipeline hardening
  • Model supply-chain & guardrail audits
  • OWASP LLM Top 10 alignment
⟩ real-world projects

Selected engagements

Sanitized highlights from real client work — approach, the bug we found, and the fix shipped. Names redacted under NDA.

01

LLM red-team for healthcare GenAI copilot — 5 jailbreak classes + PII exfil via indirect prompt injection

02

RAG hardening for legal-tech startup — embedding leak controls, source sanitization, access-aware retrieval

03

Model supply-chain audit on HuggingFace fine-tunes — caught two poisoned checkpoints pre-deployment

04

Guardrails design for banking chatbot — NeMo + custom regex firewall, 0 PII leaks in 90-day soak

⟩ common vulnerabilities & how I find them

Top bugs I hunt — and the steps

The recurring weaknesses I see in this domain, with the repeatable workflow I run from discovery to fix.

01

Prompt Injection (LLM01)

Critical
  1. STEP 1Enumerate inputs reaching the model — direct, RAG context, tool outputs
  2. STEP 2Test direct + indirect injection (poisoned docs, web pages, emails)
  3. STEP 3Validate tool/function-call abuse and system-prompt exfil
  4. STEP 4Fix: input/output guardrails, isolation between trust zones, allow-list tools
02

Sensitive Information Disclosure (LLM06)

High
  1. STEP 1Probe model with PII extraction prompts + training-data sniffing
  2. STEP 2Audit RAG corpus for ACL misalignment with caller identity
  3. STEP 3Test logging pipelines for prompt/response leaks
  4. STEP 4Fix: per-user retrieval filters, output scrubbing, no PII in fine-tune data
03

Insecure Output Handling (LLM02)

High
  1. STEP 1Generate outputs that contain HTML/JS/SQL/shell payloads
  2. STEP 2Confirm downstream renderers/executors run unsanitized model output
  3. STEP 3Demonstrate XSS / SSRF / RCE through model response
  4. STEP 4Fix: treat model output as untrusted — sanitize before render or exec
⟩ arsenal

Tools & frameworks

Garak
LLM Red Team
PyRIT
AI Risk Testing
Promptfoo
Prompt Evaluation
Rebuff
Prompt Firewall
NeMo Guardrails
LLM Guardrails
LLM Guard
LLM Safety
Adversarial Robustness Toolbox
ML Adversarial
Counterfit
ML Attack Tool
ModelScan
Model Scanning
Protect AI
AI Security Suite
LangChain
LLM Framework
LlamaIndex
RAG Framework
Guardrails
LLM Guardrails
Haystack
RAG Framework
⟩ engage

Need ai & genai security expertise?

Get in touch
⟩ related

More in Specialized Expertise