LLM Security in 2026: The Python Developer's Checklist (What I Learned Getting Burned in Production)

After getting burned by a prompt injection issue in production (nothing catastrophic, but embarrassing), I put together a security checklist for Python devs building LLM-powered apps. Sharing in case it helps someone. The Threat Model (Simplified) OWASP now lists prompt injection as the #1 LLM vulnerability (LLM01:2025), and their research found it in 73% of production AI deployments . OpenAI's own CISO called it a "frontier, unsolved security problem." That's not reassuring. Three main attack vectors: Direct injection : user crafts malicious input to override your system prompt Indirect injection : content your app retrieves (web pages, docs, emails) contains hidden instructions Multi-agent : one compromised agent manipulates others in your pipeline Confirmed Real Incidents (Not FUD) From 2025 incident analysis: EchoLeak (CVE-2025-32711) : CVSS 9.3, no user interaction required, affects major platforms Slack AI : indirect prompt injection surfacing private channel content via public m