uKnowva BOT VAPT Report – March 2026


This is to certify that SecIQ Technologies has performed Security Testing (VAPT) from 17-March-2026 to 18-March-2026 for the uKnowva BOT Application.

Executive Summary

Scope of Testing

The scope of this penetration testing was limited to the uKnowva BOT Application. The assessment focused on evaluating the security of the bot against AI-specific attack vectors, abuse scenarios, input manipulation techniques, and unauthorized data access attempts.

The testing was conducted in alignment with OWASP AI Security Testing Standards, OWASP Automated Threats to Web Applications, and OWASP API Security Top 10 guidelines.

Findings & Summary

The uKnowva BOT Application was assessed against a range of AI and bot security test cases to identify vulnerabilities related to prompt manipulation, data leakage, automation abuse, and insecure integrations.

No security vulnerabilities or business risks were identified within the defined scope of testing. The BOT demonstrated appropriate handling of malicious inputs and abuse scenarios, and no weaknesses were observed that could result in unauthorized access, sensitive data exposure, or misuse of automation capabilities.

Overall, the BOT aligns with industry-recognized security practices for AI-enabled applications within the scope assessed.

Business-Critical Risks

No business-critical risks were identified during this assessment.

The uKnowva BOT did not exhibit vulnerabilities related to:

  • Prompt Injection

  • Data Poisoning

  • Insecure Plugin Design

  • Excessive Agency

  • Data Leakage

  • Insecure Output Handling

  • Model Denial of Service

  • Sensitive Information Disclosure

The above application was tested for compliance with OWASP security guidelines, and the following Critical/High/Medium/Low issues identified as part of the assessment report have been fixed and verified as part of the retesting. Please refer to the table below:

Vulnerability and Observation Issue Name | Status
No security vulnerabilities identified during BOT VAPT assessment | Closed

Approach

This assessment was conducted using a grey-box security testing approach from the perspective of an authenticated application user interacting with the BOT functionality.

The objective was to identify potential weaknesses related to bot behavior, access control enforcement, input handling, abuse scenarios, and misuse of automation capabilities within the BOT-enabled application.

All testing activities were performed in a controlled manner to avoid disruption to production services or degradation of user experience. The assessment combined manual testing techniques with automated tools to evaluate AI security controls, abuse prevention mechanisms, and alignment with industry best practices.

The following phases were covered during this assessment:

  • Vulnerability Assessment

  • Triage and Validation

  • Report Generation & Review

Test Cases Performed

  • Prompt Injection

  • Data Poisoning

  • Insecure Plugin Design

  • Excessive Agency

  • Data Leakage

  • Insecure Output Handling

  • Model Denial of Service

  • Sensitive Information Disclosure

Assessment Report (Summary)

The uKnowva BOT successfully met the security requirements defined under the scope of this engagement. No vulnerabilities were identified during the assessment, and the application demonstrated resilience against common AI security threats and bot abuse scenarios.

Validity

This report is valid until any changes are made to the BOT logic, application configuration, or integrated AI components, or one year from the date of testing, whichever is earlier.

If you have any questions or need additional support, feel free to contact us.