Add OWASP Top 10 for Large Language Model Applications metadata

Generated on 2025-10-11 by Arkadii Yakovets as part of the OWASP Schema initiative within OWASP Nest.
Repository: `OWASP/www-project-top-10-for-large-language-model-applications`

Co-authored-by: Arkadii Yakovets <[email protected]>

Author: owasp-nest[bot]

.github/dependabot.yml

@@ -1,51 +1,7 @@
-# .github/dependabot.yml
 version: 2
 updates:
-  # Enable version updates for npm/yarn (JavaScript/TypeScript dependencies)
-  - package-ecosystem: "npm"
-    directory: "/"
+  - package-ecosystem: github-actions
+    directory: /
     schedule:
-      interval: "weekly"
-    # Ignore the agent_security_initiative directory as it contains deliberately insecure code
-    ignore:
-      - dependency-name: "*"
-        paths:
-          - "initiatives/agent_security_initiative/**"
-    labels:
-      - "dependencies"
-      - "security"
-
-  # Enable version updates for Python dependencies (pip/pipenv/poetry)
-  - package-ecosystem: "pip"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    ignore:
-      - dependency-name: "*"
-        paths:
-          - "initiatives/agent_security_initiative/**"
-    labels:
-      - "dependencies"
-      - "security"
-
-  # Enable version updates for Docker
-  - package-ecosystem: "docker"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    ignore:
-      - dependency-name: "*"
-        paths:
-          - "initiatives/agent_security_initiative/**"
-    labels:
-      - "dependencies"
-      - "security"
-
-  # Enable version updates for GitHub Actions
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    labels:
-      - "dependencies"
-      - "ci"
+      interval: weekly
+      time: '00:45'

.github/workflows/validate-owasp-metadata.yaml

@@ -0,0 +1,27 @@
+name: Validate OWASP entity metadata
+
+on:
+  pull_request:
+    paths:
+      - '*.owasp.yaml'
+  push:
+    paths:
+      - '*.owasp.yaml'
+
+permissions:
+  contents: read
+
+concurrency:
+  cancel-in-progress: true
+  group: ${{ github.repository }}-${{ github.workflow }}-${{ github.ref }}
+
+jobs:
+  validate-metadata:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Validate metadata file
+        uses: owasp/nest-schema/.github/actions/validate@a733198b4a942eb12d3ee8629cd9e0d409b1b2b9

project.owasp.yaml

@@ -0,0 +1,38 @@
+audience:
+  - builder
+community:
+  - name: project-genai
+    platform: slack
+    url: https://owasp.slack.com/archives/C05956H7R8R
+    description: "Project Website: <https://genai.owasp.org>\n\nOWASP page: <https://github.com/OWASP/www-project-top-10-for-large-language-model-applications>\n\
+      \nGitHub Repo: <https://github.com/OWASP/www-project-top-10-for-large-language-model-applications>"
+leaders:
+  - name: Steve Wilson
+    email: [email protected]
+    github: virtualsteve-star
+  - name: Ads Dawson
+    email: [email protected]
+    github: GangGreenTemperTatum
+  - name: John Sotiropoulos
+    email: [email protected]
+    github: jsotiro
+  - name: Scott Clinton
+    email: [email protected]
+    github: SClinton
+  - name: Sandy Dunn
+    email: [email protected]
+    github: subzer0girl2
+level: 2
+name: OWASP Top 10 for Large Language Model Applications
+pitch: Aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing Large
+  Language Models (LLMs)
+repositories:
+  - name: www-project-top-10-for-large-language-model-applications
+    url: https://github.com/OWASP/www-project-top-10-for-large-language-model-applications
+    description: OWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)
+tags:
+  - example-tag
+  - custom-tag-1
+  - custom-tag-2
+type: documentation
+website: https://owasp.org/www-project-top-10-for-large-language-model-applications