Detection Library
medium · experimental · Linux · AI/ML · T1059.004

LLM Service Writing Script To Temp Path

Detects LLM service processes writing script files (.sh, .py, .pl) to temporary directories. This pattern suggests that model output or an injected prompt caused the service to stage executable code for later execution.

Updated Jan 15, 2025 · Detection Engineering Team

llm · prompt-injection · linux · file-write · owasp-llm01

Problem Statement

Prompt injection may cause an LLM service to generate and stage malicious scripts in temporary directories as a precursor to code execution.

Sample Logs

{"timestamp":"2025-01-15T17:21:09Z","computer_name":"llm-host-01","user":"llm_svc","image":"/opt/llm/app/chat_handler.py","target_filename":"/tmp/run_task.sh","event_type":"file_create"}

Required Fields

image
target_filename
user
computer_name

False Positives

  • LLM code generation tools that intentionally write scripts to temp for sandboxed execution

Tuning Guidance

Correlate with subsequent execution events on the same file. A write followed by exec of the same filename is high confidence.
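
The write-then-exec correlation described above, as an added Python example (not the library's own rule logic). The `/opt/llm/` service prefix, the temp directory list, the 10-minute window and the `process_create` / `command_line` fields for execution events are assumptions; only the `file_create` fields come from the sample log.

```python
import shlex
from datetime import datetime, timedelta

# Assumptions, not from the rule: service path prefix, temp directory list,
# correlation window, and the process_create/command_line exec schema.
LLM_PREFIXES = ("/opt/llm/",)
TEMP_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")
SCRIPT_EXTS = (".sh", ".py", ".pl")
WINDOW = timedelta(minutes=10)

def ts(e):
    return datetime.strptime(e["timestamp"], "%Y-%m-%dT%H:%M:%SZ")

def is_llm_script_write(e):
    target = e.get("target_filename", "")
    return (e.get("event_type") == "file_create"
            and e.get("image", "").startswith(LLM_PREFIXES)
            and target.startswith(TEMP_DIRS)
            and target.lower().endswith(SCRIPT_EXTS))

def runs_file(e, path):
    # Direct execution (image is the script) or interpreter + script argument.
    try:
        argv = shlex.split(e.get("command_line", ""))
    except ValueError:  # unbalanced quotes in a logged command line
        argv = e.get("command_line", "").split()
    return e.get("event_type") == "process_create" and (e.get("image") == path or path in argv)

def correlate(events):
    """Return [(write_event, exec_event_or_None)] for every matching write."""
    events = sorted(events, key=ts)
    hits = []
    for i, w in enumerate(events):
        if not is_llm_script_write(w):
            continue
        follow_up = next((x for x in events[i + 1:]
                          if x.get("computer_name") == w.get("computer_name")
                          and ts(x) - ts(w) <= WINDOW
                          and runs_file(x, w["target_filename"])), None)
        hits.append((w, follow_up))
    return hits

# Constructed events; the first is the sample log from this page.
SAMPLE = [
    {"timestamp":"2025-01-15T17:21:09Z","computer_name":"llm-host-01","user":"llm_svc","image":"/opt/llm/app/chat_handler.py","target_filename":"/tmp/run_task.sh","event_type":"file_create"},
    {"timestamp":"2025-01-15T17:21:14Z","computer_name":"llm-host-01","user":"llm_svc","image":"/bin/sh","command_line":"/bin/sh /tmp/run_task.sh","event_type":"process_create"},
    {"timestamp":"2025-01-15T17:30:00Z","computer_name":"llm-host-01","user":"llm_svc","image":"/opt/llm/app/chat_handler.py","target_filename":"/var/tmp/report.py","event_type":"file_create"},
    {"timestamp":"2025-01-15T17:31:00Z","computer_name":"llm-host-01","user":"alice","image":"/usr/bin/vim","target_filename":"/tmp/notes.sh","event_type":"file_create"},
]
```

A hit whose second element is not `None` is the high-confidence case; a hit with `None` is a write with no matching execution inside the window.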