Control Framework

VAL: Input Validation

The Input Validation domain defends against prompt injection and instruction hijacking. Five controls address sanitization, detection, and boundary enforcement.

VAL-01 Input Sanitization

Requirement: All inputs processed by agents shall be sanitized to remove or neutralize potentially malicious content.

Rationale: Reduces risk of injection attacks through malformed inputs.

Evidence: Sanitization rules and test results.

Profile: Essential

VAL-02 Injection Detection

Requirement: Systems shall analyze inputs for patterns indicative of prompt injection attempts and flag suspicious content.

Rationale: Provides early warning of manipulation attempts.

Evidence: Detection rules and alert logs.

Profile: Essential

VAL-03 Source Verification

Requirement: Instructions shall be attributed to their source with verification of source authenticity where feasible.

Rationale: Enables differentiation between legitimate instructions and injected content.

Evidence: Source attribution logs and verification mechanisms.

Profile: Standard

VAL-04 Content Boundary Enforcement

Requirement: Systems shall maintain clear boundaries between trusted instructions and untrusted content.

Rationale: Prevents content from being interpreted as instructions.

Evidence: Boundary enforcement configuration and test results.

Profile: Elevated

VAL-05 Adversarial Testing

Requirement: Agent systems shall undergo periodic testing with adversarial inputs designed to trigger unintended behavior.

Rationale: Identifies vulnerabilities before exploitation.

Evidence: Test plans and results with remediation tracking.

Profile: Critical
