OASB
v1.0
Controls/Output Security/4.1
L1 EssentialAutomated verification

4.1 Output Validation

4. Output SecurityHow do we validate agent outputs?

Description

Agent outputs MUST be validated against expected schemas and safety constraints before execution.

Rationale

LLMs can hallucinate malformed outputs or be manipulated into producing malicious content.

Audit Procedure

1. Identify all output types
2. Check for output validation middleware
3. Verify schema validation for structured outputs

Remediation

1. Implement output schema validation
2. Sanitize code before execution
3. Implement output filters for sensitive content

Framework Mappings

CIS Control 16.10NIST PR.DS-5OWASP LLM02:2023
Previous3.5 Multi-Modal Input SecurityNext4.2 Action Confirmation for Destructive Operations