Glossary term
Glossary term
Security
Disclosure of hidden instructions, policy text, credentials, tool schemas, or internal logic that can weaken controls or reveal sensitive implementation details. While prompts alone are not security boundaries, leakage can expose internal policies, tool names, business logic, and attack surfaces that enable further compromise.
OWASP LLM07:2025 System Prompt Leakage was added to the 2025 OWASP Top 10 for LLM Applications.
Multiple researchers extracted Bing Chat's system prompt in February 2023, including its internal codename Sydney and its rules.
GPT Store custom GPTs were widely shown in 2023 and 2024 to leak their system prompts and uploaded files via simple repeat-back attacks.