Trust
What data is llmthreat.com built from, and how is it licensed? (2026)
llmthreat.com draws on five source types. Risk definitions come from the OWASP GenAI Security Project. Technique IDs come from MITRE ATLAS. Tool metadata comes from per-repo licenses and the GitHub API. Funding figures come from third-party trackers. Each is attributed in the table below. Last verified 2026-07-13.
The source table
| Source | What we use it for | License / terms | Attribution |
|---|---|---|---|
| OWASP GenAI — LLM Top 10 (2025) | The ten risk definitions and IDs | CC BY-SA 4.0 | Attributed on every page; adaptations share-alike |
| OWASP GenAI Solutions Reference Guide | Category taxonomy (six pillars) | OWASP project terms | Named as the taxonomy spine |
| MITRE ATLAS | Technique IDs and tactics in coverage tables | MITRE terms of use | Referenced by ID; MITRE does not endorse us |
| GitHub API | Tool stars, last-push, license, release, archive status | GitHub API terms | Linked to each repository |
| Per-project repositories & licenses | Tool descriptions and license fields | Apache-2.0 / MIT / per project | Each project's license and repo linked |
| Company announcements, PitchBook / Crunchbase | Funding, rounds, acquisitions, HQ, founding | Third-party | Verified against a live source per figure; re-checked on a 4–6 week cadence |
No one here endorses us
OWASP, MITRE, GitHub, and the listed vendors and maintainers do not endorse llmthreat.com, its scores, or its rankings. Coverage assessments are llmthreat's own editorial reads. Trademarks belong to their owners.
Last verified 2026-07-13. Sources as listed above. Third-party figures are re-verified on a 4–6 week cadence.