LLM Security Testing by Artifice Security is a penetration testing service focused on identifying security vulnerabilities in LLM-powered applications, specifically RAG (Retrieval-Augmented Generation) systems and AI agents. The service evaluates how LLM-enabled features behave under adversarial input and hostile data conditions. Testing covers the full AI system stack: prompts and guardrails, memory and session state, retrieval sources, tool and API integrations, and authorization controls. **Key Testing Areas:** **Prompt Injection:** Tests both direct chat-based injection and indirect injection, where attacker instructions are planted in content retrieved by the model (e.g., knowledge base articles, PDFs, tickets, web pages). **Sensitive Data Leakage:** Attempts to force cross-user or cross-tenant data exposure, extract system prompts, and surface sensitive fields that should be masked or access-controlled through retrieval and memory mechanisms. **Tool and API Abuse:** For AI agents, validates whether tools enforce authorization independently of the model, whether parameters are constrained, and whether high-risk actions require explicit user confirmation. **Authorization and Tenant Boundaries:** Tests whether low-privilege users can access high-privilege data or actions through the AI feature, validating controls at the data and tool layers rather than just the UI. **Insecure Output Handling:** Traces where model output is consumed and attempts to convert generated text into XSS, SSRF, injection, or other downstream vulnerabilities. **Unbounded Consumption:** Evaluates rate limits, token and tool budgets, caching, timeouts, and abuse detection to assess resilience against cost and denial-of-service attacks. Engagements produce reproducible evidence, a prioritized remediation plan, and an optional retest to verify fixes.