Detection Library
high · experimental · Linux · AI/ML · OCI · T1048.002

LLM Service Uploading Prompt Or Policy Files To OCI Object Storage

Detects LLM service processes using the OCI CLI to upload prompt, system, or policy files to object storage. This represents exfiltration of confidential prompt material to cloud storage that may be accessible to unauthorised parties.

Updated Jan 15, 2025 · Detection Engineering Team

llm · system-prompt-leakage · linux · oci · owasp-llm07

Problem Statement

Uploading system prompt files to object storage makes confidential model instructions accessible to anyone with bucket read permissions. If the bucket is public or the attacker controls it, this constitutes full prompt leakage.

Sample Logs

{"timestamp":"2025-01-15T22:30:55Z","computer_name":"llm-host-02","user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci os object put --bucket-name public-bucket --name leaked_system_prompt.txt --file /opt/llm/config/system_prompt.txt","parent_image":"/opt/llm/app/backup_tool.py"}

Required Fields

image
command_line
parent_image
user
computer_name

False Positives

  • Approved prompt management workflows that back up system prompts to versioned OCI buckets

Tuning Guidance

Baseline approved bucket names and object naming conventions for legitimate prompt backup workflows. Alert on any upload to buckets outside this baseline.
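The following Python is an added example, not the detection library's own rule logic. It applies the Required Fields above to the page's sample log line plus two constructed events (an approved-bucket backup and a non-prompt upload), and shows the tuning step as an allowlist of approved bucket names. The LLM-service parent path prefix, the service user, the sensitive-filename pattern and the approved bucket name are all assumptions chosen for the example.

```python
import json
import os
import re
import shlex

# Constructed events. The first is the page's sample log; the second and third are
# constructed to show the approved-bucket suppression and a non-sensitive upload.
SAMPLE_EVENTS = [
    '{"timestamp":"2025-01-15T22:30:55Z","computer_name":"llm-host-02","user":"llm_svc",'
    '"image":"/usr/local/bin/oci","command_line":"oci os object put --bucket-name public-bucket '
    '--name leaked_system_prompt.txt --file /opt/llm/config/system_prompt.txt",'
    '"parent_image":"/opt/llm/app/backup_tool.py"}',
    '{"timestamp":"2025-01-15T23:00:00Z","computer_name":"llm-host-02","user":"llm_svc",'
    '"image":"/usr/local/bin/oci","command_line":"oci os object put --bucket-name prompt-backups-versioned '
    '--name system_prompt.txt --file /opt/llm/config/system_prompt.txt",'
    '"parent_image":"/opt/llm/app/backup_tool.py"}',
    '{"timestamp":"2025-01-15T23:05:00Z","computer_name":"llm-host-02","user":"llm_svc",'
    '"image":"/usr/local/bin/oci","command_line":"oci os object put --bucket-name public-bucket '
    '--name metrics.csv --file /var/log/llm/metrics.csv",'
    '"parent_image":"/opt/llm/app/backup_tool.py"}',
]

# Assumption: an "LLM service process" is one whose parent lives under /opt/llm/
# or that runs as the llm_svc service account.
LLM_PARENT_PREFIXES = ("/opt/llm/",)
LLM_USERS = {"llm_svc"}

# Assumption: the uploaded file counts as prompt/policy material when its basename
# contains one of these tokens. [^/]*$ pins the match to the final path segment.
SENSITIVE_FILE_RE = re.compile(r"(system[_-]?prompt|prompt|policy)[^/]*$", re.IGNORECASE)

# Tuning baseline: buckets used by the approved prompt backup workflow (constructed name).
APPROVED_BUCKETS = {"prompt-backups-versioned"}


def parse_oci_put(command_line):
    """Return (bucket, file) for an `oci os object put` command, or None otherwise."""
    try:
        argv = shlex.split(command_line)
    except ValueError:
        return None
    if len(argv) < 4 or os.path.basename(argv[0]) != "oci" or argv[1:4] != ["os", "object", "put"]:
        return None
    bucket = path = None
    for i in range(4, len(argv) - 1):
        if argv[i] == "--bucket-name":
            bucket = argv[i + 1]
        elif argv[i] == "--file":
            path = argv[i + 1]
    return bucket, path


def evaluate(event_json):
    """Apply the rule to one JSON process event.

    Returns None when the event does not match, otherwise a finding dict whose
    'alert' flag is False when the bucket is in the approved baseline.
    """
    ev = json.loads(event_json)
    if os.path.basename(ev.get("image", "")) != "oci":
        return None
    parent = ev.get("parent_image", "")
    if not (parent.startswith(LLM_PARENT_PREFIXES) or ev.get("user") in LLM_USERS):
        return None
    put = parse_oci_put(ev.get("command_line", ""))
    if put is None:
        return None
    bucket, path = put
    if path is None or not SENSITIVE_FILE_RE.search(path):
        return None
    return {
        "host": ev.get("computer_name"),
        "user": ev.get("user"),
        "parent_image": parent,
        "bucket": bucket,
        "file": path,
        "alert": bucket not in APPROVED_BUCKETS,
    }


def run(events):
    """Evaluate every event and keep only the ones the rule matched."""
    return [r for r in (evaluate(e) for e in events) if r is not None]


if __name__ == "__main__":
    for finding in run(SAMPLE_EVENTS):
        print(("ALERT   " if finding["alert"] else "baseline") , finding)
```

Running the block prints one alert for the page's sample (upload of system_prompt.txt to public-bucket) and one suppressed baseline match for the constructed approved-bucket backup; the metrics.csv upload is not matched at all. The example only parses `oci os object put`; a production version of this rule should also cover the CLI's directory-level upload command (`oci os object bulk-upload`) and should key the baseline on object naming conventions as well as bucket names, as the tuning guidance suggests.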