The 'prompt as egress' insight
You'll be able to
- Classify prompts sent to generative AI systems as network egress events, applying the same data-loss prevention criteria you would use for email-to-external or cloud uploads, and identify which categories of sensitive information (PII, financial details, proprietary data) fall under OWASP LLM02:2025 Sensitive Information Disclosure[^4][^5].
- Evaluate an organization's current AI usage policy against AWS Well-Architected ML Lens guidance on restricting network egress from environments containing sensitive data, and propose at least two automated controls (such as service control policies or input validation) that treat the AI prompt interface as a monitored egress point[^2].
- Apply the "prompt as egress" mental model to a real-world scenario by rewriting a sample user prompt that inadvertently discloses sensitive information, demonstrating how input validation and output filtering safeguards prevent unintended data leakage in production AI systems[^2].
- Create a checklist for developers and end-users that operationalizes the principle "every prompt is a data export," incorporating at least three controls from OWASP LLM Top 10 (2025) and one from NIST AI RMF measurement practices, suitable for integration into a CI/CD pipeline or user-training module[^1][^3][^4].