Slide 6 · The Blast Radius
Every system downstream of an LLM is a potential target.
The vulnerability changes shape depending on where the output lands.
🌐 Web Browser
LLM output rendered as HTML — any script tags or event handlers execute. Leads to XSS, session theft, page defacement.
🗃️ Database
LLM-generated text inserted into SQL queries without parameterization. Leads to SQL injection: data theft, deletion, auth bypass.
💻 Shell / OS
LLM-generated code or commands executed by the host. Leads to RCE: full server compromise, backdoors, data exfiltration.
🔗 Internal APIs & Services
LLM-generated URLs or payloads forwarded by the server. Leads to SSRF: cloud metadata access, internal network scanning.
📁 File System
LLM-generated file paths passed to open() or read(). Leads to path traversal: reading /etc/passwd, config files, private keys.
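The five sinks above, each with the control that treats model output as untrusted data at that sink. This is an added example, not part of the original slides; `BASE_DIR`, `ALLOWED_HOSTS`, `ALLOWED_ACTIONS`, the `notes` table and all function names are assumptions made for illustration.

```python
import html
import sqlite3
from pathlib import Path
from urllib.parse import urlsplit

# Constructed policy values (assumptions for this example, not from the slide).
BASE_DIR = Path("/srv/app/docs")
ALLOWED_HOSTS = {"api.example.com"}
ALLOWED_ACTIONS = {"wordcount": ["/usr/bin/wc", "-w"]}

def to_html(llm_text: str) -> str:
    """Browser sink: encode so tags and event handlers render as inert text."""
    return html.escape(llm_text, quote=True)

def store_note(conn: sqlite3.Connection, llm_text: str) -> None:
    """Database sink: bind the output as a parameter, never concatenate it."""
    conn.execute("INSERT INTO notes(body) VALUES (?)", (llm_text,))

def safe_path(llm_path: str, base: Path = BASE_DIR) -> Path:
    """File sink: resolve first, then require the result to stay under base."""
    root = base.resolve()
    candidate = (root / llm_path).resolve()
    if not candidate.is_relative_to(root):
        raise ValueError(f"path escapes {root}: {llm_path!r}")
    return candidate

def safe_url(llm_url: str) -> str:
    """Internal-API sink: https only, and the parsed host must be allowlisted."""
    parts = urlsplit(llm_url)
    if parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS:
        raise ValueError(f"URL not allowed: {llm_url!r}")
    return llm_url

def build_argv(llm_action: str, llm_path: str) -> list[str]:
    """Shell sink: the model only selects an allowlisted action; the path is
    validated and passed as one argv element to subprocess.run(argv), no shell."""
    if llm_action not in ALLOWED_ACTIONS:
        raise ValueError(f"action not allowed: {llm_action!r}")
    return [*ALLOWED_ACTIONS[llm_action], "--", str(safe_path(llm_path))]
```

`safe_url` validates only the string it is given; if the HTTP client follows redirects, each redirect target needs the same check.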