English
Related papers

Related papers: WASP: Benchmarking Web Agent Security Against Prom…

200 papers

The integration of artificial intelligence (AI) agents into web browsers introduces security challenges that go beyond traditional web application threat models. Prior work has identified prompt injection as a new attack vector for web…

Machine Learning · Computer Science 2025-11-26 Kaiyuan Zhang , Mark Tenenholtz , Kyle Polley , Jerry Ma , Denis Yarats , Ninghui Li

Multiple prompt injection attacks have been proposed against web agents. At the same time, various methods have been developed to detect general prompt injection attacks, but none have been systematically evaluated for web agents. In this…

Cryptography and Security · Computer Science 2025-10-03 Yinuo Liu , Ruohan Xu , Xilong Wang , Yuqi Jia , Neil Zhenqiang Gong

Evolving AI systems increasingly deploy multi-agent architectures where autonomous agents collaborate, share information, and delegate tasks through developing protocols. This connectivity, while powerful, introduces novel security risks.…

Cryptography and Security · Computer Science 2025-07-30 Gauri Sharma , Vidhi Kulkarni , Miles King , Ken Huang

Indirect prompt injection attacks threaten AI agents that execute consequential actions, motivating deterministic system-level defenses. Such defenses can provably block unsafe actions by enforcing confidentiality and integrity policies,…

Cryptography and Security · Computer Science 2026-02-13 Aashish Kolluri , Rishi Sharma , Manuel Costa , Boris Köpf , Tobias Nießen , Mark Russinovich , Shruti Tople , Santiago Zanella-Béguelin

Web agents automate browser tasks, ranging from simple form completion to complex workflows like ordering groceries. While current benchmarks evaluate general-purpose performance~(e.g., WebArena) or safety against malicious actions~(e.g.,…

Cryptography and Security · Computer Science 2026-04-09 Guruprasad Viswanathan Ramesh , Asmit Nayak , Basieem Siddique , Kassem Fawaz

Web-based agents powered by large language models are increasingly used for tasks such as email management or professional networking. Their reliance on dynamic web content, however, makes them vulnerable to prompt injection attacks:…

Web agents can autonomously complete online tasks by interacting with websites, but their exposure to open web environments makes them vulnerable to prompt injection attacks embedded in HTML content or visual interfaces. Existing guard…

Cryptography and Security · Computer Science 2026-05-15 Tri Cao , Yulin Chen , Hieu Cao , Yibo Li , Khoi Le , Thong Nguyen , Yuexin Li , Yufei He , Yue Liu , Shuicheng Yan , Bryan Hooi

AI agents are vulnerable to indirect prompt injection attacks, where malicious instructions embedded in external content or tool outputs cause unintended or harmful behavior. Inspired by the well-established concept of firewalls, we show…

Cryptography and Security · Computer Science 2026-03-24 Rishika Bhagwatkar , Kevin Kasa , Abhay Puri , Gabriel Huang , Irina Rish , Graham W. Taylor , Krishnamurthy Dj Dvijotham , Alexandre Lacoste

Retrieval-augmented generation (RAG) systems have become widely used for enhancing large language model capabilities, but they introduce significant security vulnerabilities through prompt injection attacks. We present a comprehensive…

Cryptography and Security · Computer Science 2025-11-21 Badrinath Ramakrishnan , Akshaya Balaji

Computer-Use Agents (CUAs) with full system access enable powerful task automation but pose significant security and privacy risks due to their ability to manipulate files, access user data, and execute arbitrary commands. While prior work…

Artificial Intelligence · Computer Science 2026-03-03 Tri Cao , Bennett Lim , Yue Liu , Yuan Sui , Yuexin Li , Shumin Deng , Lin Lu , Nay Oo , Shuicheng Yan , Bryan Hooi

AI agents have been boosted by large language models. AI agents can function as intelligent assistants and complete tasks on behalf of their users with access to tools and the ability to execute commands in their environments. Through…

Cryptography and Security · Computer Science 2024-12-19 Yifeng He , Ethan Wang , Yuyang Rong , Zifei Cheng , Hao Chen

Browser agents enable autonomous web interaction but face critical reliability and security challenges in production. This paper presents findings from building and operating a production browser agent. The analysis examines where current…

Software Engineering · Computer Science 2025-11-26 Aram Vardanyan

With the fast development of large language models (LLMs), LLM-driven Web Agents (Web Agents for short) have obtained tons of attention due to their superior capability where LLMs serve as the core part of making decisions like the human…

Cryptography and Security · Computer Science 2024-02-28 Fangzhou Wu , Shutong Wu , Yulong Cao , Chaowei Xiao

Prompt injection is the most critical vulnerability in deployed AI agents. Despite recent progress, we show that the prevailing defense paradigm (data-instruction separation) both fails to detect attacks that operate through contextual…

Cryptography and Security · Computer Science 2026-05-19 Sahar Abdelnabi , Eugene Bagdasarian

AI agents, predominantly powered by large language models (LLMs), are vulnerable to indirect prompt injection, in which malicious instructions embedded in untrusted data can trigger dangerous agent actions. This position paper discusses our…

Cryptography and Security · Computer Science 2026-04-01 Chong Xiang , Drew Zagieboylo , Shaona Ghosh , Sanjay Kariyappa , Kai Greshake , Hanshen Xiao , Chaowei Xiao , G. Edward Suh

Recent work has embodied LLMs as agents, allowing them to access tools, perform actions, and interact with external content (e.g., emails or websites). However, external content introduces the risk of indirect prompt injection (IPI)…

Computation and Language · Computer Science 2024-08-06 Qiusi Zhan , Zhixiang Liang , Zifan Ying , Daniel Kang

AI agents that autonomously interact with external tools and environments have shown great promise across real-world applications. However, their reliance on external data exposes them to serious indirect prompt injection attacks, where…

Cryptography and Security · Computer Science 2026-05-08 Hao Li , Ruoyao Wen , Shanghao Shi , Ning Zhang , Yevgeniy Vorobeychik , Chaowei Xiao

As AI systems gain increasing autonomy and execution capability, the number of discovered security vulnerabilities continues to rise. However, many of these vulnerabilities are not fundamentally novel, but instead reflect recurring classes…

Cryptography and Security · Computer Science 2026-05-27 Kevin Eykholt , Dhilung Kirat , Xiaokui Shu , Jiyong Jang , Frederico Araujo , Ian Molloy

As AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt…

An Artificial Intelligence (AI) agent is a software entity that autonomously performs tasks or makes decisions based on pre-defined objectives and data inputs. AI agents, capable of perceiving user inputs, reasoning and planning tasks, and…

Cryptography and Security · Computer Science 2025-11-26 Zehang Deng , Yongjian Guo , Changzhou Han , Wanlun Ma , Junwu Xiong , Sheng Wen , Yang Xiang
‹ Prev 1 2 3 10 Next ›