English

CI-Work: Benchmarking Contextual Integrity in Enterprise LLM Agents

Cryptography and Security 2026-04-24 v1 Computation and Language

Abstract

Enterprise LLM agents can dramatically improve workplace productivity, but their core capability, retrieving and using internal context to act on a user's behalf, also creates new risks for sensitive information leakage. We introduce CI-Work, a Contextual Integrity (CI)-grounded benchmark that simulates enterprise workflows across five information-flow directions and evaluates whether agents can convey essential content while withholding sensitive context in dense retrieval settings. Our evaluation of frontier models reveals that privacy failures are prevalent (violation rates range from 15.8%-50.9%, with leakage reaching up to 26.7%) and uncovers a counterintuitive trade-off critical for industrial deployment: higher task utility often correlates with increased privacy violations. Moreover, the massive scale of enterprise data and potential user behavior further amplify this vulnerability. Simply increasing model size or reasoning depth fails to address the problem. We conclude that safeguarding enterprise workflows requires a paradigm shift, moving beyond model-centric scaling toward context-centric architectures.

Keywords

Cite

@article{arxiv.2604.21308,
  title  = {CI-Work: Benchmarking Contextual Integrity in Enterprise LLM Agents},
  author = {Wenjie Fu and Xiaoting Qin and Jue Zhang and Qingwei Lin and Lukas Wutschitz and Robert Sim and Saravan Rajmohan and Dongmei Zhang},
  journal= {arXiv preprint arXiv:2604.21308},
  year   = {2026}
}
R2 v1 2026-07-01T12:31:55.142Z