✕

Security boundary

Unbounded Consumption

Severity: Medium

Unbounded Consumption involves overwhelming the AI system with resource-intensive requests or massive, complex inputs until it can no longer serve legitimate users efficiently. By forcing the model to expend excessive computational resources, an attacker can degrade performance, cause timeouts, or entirely deny access to others. This approach can result in denial of service conditions or inflated operational costs, undermining the platform’s reliability and financial stability.

Example:

A malicious actor floods a public-facing language model API with numerous large and convoluted queries. The system bogs down under the processing load, slowing to a crawl and ultimately failing to respond to genuine users. This orchestrated strain demonstrates a successful resource exhaustion attack, rendering the service unavailable.

References:

• MITRE ATLAS: Denial of ML Service (AML.T0029), Cost Harvesting (AML.T0034)
• OWASP LLM 2025: LLM10:2025 Unbounded Consumption
• OWASP LLM 2023-2024: LLM04: Model Denial of Service
• avid-effect:security:S0302 (excessive queries)
• avid-effect:performance:P0600 (scaling)