ProViLE

Many organizations are developing LLM‑based applications to improve productivity, supported by the growing number of platforms that simplify their creation. However, integrating LLMs into applications introduces new security risks, as adversaries can exploit models through natural‑language–based attacks such as prompt injections and jailbreaks. Successful attacks can lead to sensitive data leakage, reputational harm, or deeper compromise of internal digital environments.

These risks highlight the need for structured, repeatable, and context‑aware security tests. Therefore, we present ProViLE: a systematic methodology and supporting open‑source tool for prompt‑based security testing of LLM‑enabled applications. ProViLE builds on the principle that effective tests are highly dependent on the context of the application. The methodology guides practitioners through four key steps: (1) identifying potential attack objectives, (2) selecting relevant attack techniques, (3) formulating corresponding attack prompts, and (4) evaluating the LLM application’s responses to the attack prompts.

The ProViLE tool automates the final two steps by using LLMs to (3) generate attack prompts from objectives and techniques, and (4) evaluate whether a response constitutes a successful attack based on the objective and a scoring rubric. This enables scalable and consistent testing across diverse application contexts. The result is a structured overview of the security posture of an LLM‑based application across a set of custom security considerations.

ProViLE aims to facilitate the penetration‑testing workflow for LLM applications, but can also be used by development teams to conduct initial baseline assessments before deployment. By open‑sourcing the tool, we hope to support the broader development of secure LLM‑based systems.