CWE-1426
Improper Validation of Generative AI Output
The product invokes a generative AI/ML component whose behaviors and outputs cannot be directly controlled, but the product does not validate the outputs, or validates them insufficiently, to ensure that they align with the intended security, content, or privacy policy.
Mitigation
Phase: Architecture and Design
Description:
- Since the output from a generative AI component (such as an LLM) cannot be trusted, ensure that it operates in an untrusted or non-privileged space.
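One way to apply this principle is to treat model output the same way as any other untrusted external input: parse it and validate it against a strict allow-list before any privileged code acts on it. The sketch below is illustrative; the field names, the allow-list, and the size limit are assumptions, not part of the CWE entry.

```python
import json

# Hypothetical allow-list of actions the application permits the
# model to request; anything else is rejected.
ALLOWED_ACTIONS = {"summarize", "translate"}

def handle_model_output(raw_output: str) -> dict:
    """Validate untrusted generative-model output before it crosses
    a privilege boundary. Raises ValueError on any policy violation."""
    try:
        data = json.loads(raw_output)
    except json.JSONDecodeError:
        raise ValueError("model output is not well-formed JSON")
    action = data.get("action")
    if action not in ALLOWED_ACTIONS:
        raise ValueError(f"action {action!r} not permitted")
    text = data.get("text", "")
    if not isinstance(text, str) or len(text) > 10_000:
        raise ValueError("text field missing, wrong type, or too large")
    # Only validated, allow-listed data reaches the privileged caller.
    return {"action": action, "text": text}
```

The key design choice is that validation happens in the non-privileged layer, so a malicious or malformed output fails closed rather than reaching privileged code.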
Mitigation
Phase: Operation
Description:
- Use "semantic comparators": mechanisms that identify objects that appear different on the surface but are semantically similar.
Mitigation
Phase: Operation
Description:
- Use components that operate externally to the system to monitor the output and act as a moderator. These components are referred to by various terms, such as "supervisors" or "guardrails."
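Architecturally, such a moderator sits between the model and the consumer and can withhold or rewrite output before release. The sketch below shows that interposition point only; the blocked markers are hypothetical placeholders for a real policy engine or moderation service.

```python
def moderate(model_output: str) -> tuple[bool, str]:
    """Minimal 'guardrail' sketch: an external check that runs
    between the generative model and the user. Returns
    (allowed, text_to_release)."""
    # Illustrative deny-list; a real guardrail would call a
    # dedicated moderation model or policy service.
    BLOCKED_MARKERS = ("begin private key", "password:", "ssn:")
    lowered = model_output.lower()
    for marker in BLOCKED_MARKERS:
        if marker in lowered:
            # Fail closed: withhold the output rather than pass it on.
            return False, "[output withheld by guardrail]"
    return True, model_output
```

Because the guardrail is external to the model, it can be updated or tightened without retraining, and it provides a single enforcement point that the model cannot bypass.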
Mitigation
Phase: Build and Compilation
Description:
- During model training, use an appropriate variety of good and bad examples to guide preferred outputs.
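In practice, "good and bad examples" are often curated as preference pairs (a preferred and a dispreferred response to the same prompt), the format used by preference-tuning pipelines such as RLHF or DPO. The data below is an invented illustration, and `validate_pair` is a hypothetical hygiene check, not part of any training framework.

```python
# Illustrative preference pair: the "chosen" response follows the
# intended policy, the "rejected" one violates it.
preference_data = [
    {
        "prompt": "How do I reset my password?",
        "chosen": "Visit the account settings page and select "
                  "'Reset password'.",
        "rejected": "Send me your current password and I'll "
                    "change it for you.",
    },
]

def validate_pair(example: dict) -> bool:
    """Basic hygiene check before training: every example must have
    a prompt plus distinct preferred and dispreferred responses."""
    required = {"prompt", "chosen", "rejected"}
    return (required <= example.keys()
            and example["chosen"] != example["rejected"])
```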
No CAPEC attack patterns related to this CWE.