OWASP/wrongsecrets

Have an LLM challenge

commjoen opened this issue · 0 comments

commjoen commented

Context

  • What should the challenge scenario be like?
  • What should the participant learn from completing the challenge?
  • For what category would the challenge be? (e.g. Docker, K8s, binary)

The scenario should be about a key that has been added to an LLM that should never be extracted. Preferably something like https://t.co/M4CvJv7UqS . This would then be a Docker challenge, which can have online instructions followed at https://www.youtube.com/watch?v=h74oXb4Kk8k.

Did you encounter this in real life? Could you tell us more about the scenario?

Not yet, but I think this will be a problem eventually.

If the challenge request is approved, would you be willing to submit a PR?

Yes