Detection Library
medium · experimental · Linux · AI/ML · Network · T1005

LLM Service Pulling External Content For Response Enrichment

Detects LLM service processes spawning curl or wget during request handling. Fetching external content for response enrichment introduces an uncontrolled information source that may inject false, attacker-controlled, or outdated facts into model responses.

Updated Jan 15, 2025 · Detection Engineering Team

llm · misinformation · linux · network · owasp-llm09

Problem Statement

LLM services that fetch external content during response generation introduce an unverified information source. Attacker-controlled content fetched during enrichment can cause the model to confidently present false information as fact.

Sample Logs

{"timestamp":"2025-01-15T15:14:07Z","computer_name":"llm-host-03","user":"llm_svc","image":"/usr/bin/curl","command_line":"curl -s https://news-source.attacker.com/feed.json","parent_image":"/opt/llm/app/response_enricher.py"}

Required Fields

image
command_line
parent_image
user
computer_name

False Positives

  • Approved tool-use integrations that fetch external data from verified sources as part of the LLM workflow

Tuning Guidance

Maintain an allowlist of approved external content sources. Alert on any curl/wget targeting unrecognised domains during request handling.
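
One way to apply the allowlist from the tuning guidance to events in the sample log shape. This is an added example, not the rule shipped with this detection; the allowlist entry `kb.example.internal`, the `/opt/llm/` parent prefix and all function names are assumptions.

```python
import json
import os
from urllib.parse import urlsplit

# Assumptions (not from the page): the allowlist entry and parent path prefix.
APPROVED_HOSTS = {"kb.example.internal"}
LLM_PARENT_PREFIX = "/opt/llm/"
FETCH_TOOLS = {"curl", "wget"}

def extract_hosts(command_line):
    """Hostnames of URL-like arguments in a curl/wget command line."""
    hosts = set()
    for tok in command_line.split()[1:]:
        tok = tok.strip("'\"")
        if tok.startswith("-"):
            continue
        try:  # both tools accept scheme-less URLs, so add "//" when needed
            parsed = urlsplit(tok if "://" in tok else "//" + tok)
        except ValueError:
            continue
        if parsed.hostname:
            hosts.add(parsed.hostname.lower().rstrip("."))
    return hosts

def evaluate(event):
    """Unapproved hosts if the event matches the rule, else an empty list."""
    tool = os.path.basename(event.get("image", ""))
    parent = event.get("parent_image", "")
    if tool not in FETCH_TOOLS or not parent.startswith(LLM_PARENT_PREFIX):
        return []
    # Exact hostname comparison; a substring test would pass look-alike hosts.
    hosts = extract_hosts(event.get("command_line", ""))
    return sorted(h for h in hosts if h not in APPROVED_HOSTS)

def alerts(lines):
    events = [json.loads(line) for line in lines]
    hits = [(e, evaluate(e)) for e in events]
    return [(e["computer_name"], e["user"], bad) for e, bad in hits if bad]

# Constructed events in the page's log shape; the first reuses its command line.
_EV = '{"computer_name":"llm-host-03","user":"llm_svc","image":"%s","command_line":"%s","parent_image":"%s"}'
_ENRICHER = "/opt/llm/app/response_enricher.py"
SAMPLE_LOGS = [
    _EV % ("/usr/bin/curl", "curl -s https://news-source.attacker.com/feed.json", _ENRICHER),
    _EV % ("/usr/bin/wget", "wget -q https://kb.example.internal/faq.json", _ENRICHER),
    _EV % ("/usr/bin/curl", "curl -s https://kb.example.internal.cdn.example.net/x", _ENRICHER),
    _EV % ("/usr/bin/curl", "curl -s https://status.example.org/", "/usr/bin/bash"),
]
if __name__ == "__main__":
    print(alerts(SAMPLE_LOGS))
```

Scheme-less option values such as an output filename are also treated as hosts, so the check errs toward alerting rather than missing a fetch.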