English
Related papers

Related papers: Prompt Injection Attack to Tool Selection in LLM A…

200 papers

As LLM agents transition from digital assistants to physical controllers in autonomous systems and robotics, they face an escalating threat from indirect prompt injection. By embedding adversarial instructions into the results of tool…

Artificial Intelligence · Computer Science 2026-01-09 Qiang Yu , Xinran Cheng , Chuanyi Liu

Tool learning serves as a powerful auxiliary mechanism that extends the capabilities of large language models (LLMs), enabling them to tackle complex tasks requiring real-time relevance or high precision operations. Behind its powerful…

Cryptography and Security · Computer Science 2025-04-08 Liuji Chen , Hao Gao , Jinghao Zhang , Qiang Liu , Shu Wu , Liang Wang

As LLMs increasingly power agents that interact with external tools, tool use has become an essential mechanism for extending their capabilities. These agents typically select tools from growing databases or marketplaces to solve user…

Cryptography and Security · Computer Science 2025-10-06 Jonathan Sneh , Ruomei Yan , Jialin Yu , Philip Torr , Yarin Gal , Sunando Sengupta , Eric Sommerlade , Alasdair Paren , Adel Bibi

LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such process, steering agents toward inappropriate/wrong tools and enabling malicious actions. Most existing attacks…

Cryptography and Security · Computer Science 2026-05-27 Xuanye Zhang , Yongsen Zheng , Zhuqin Xu , Kaiyu Zhou , Bowen Shen , Haoran Ou , Tianwei Zhang , Kwok-Yan Lam

Prompt injection attacks represent a major vulnerability in Large Language Model (LLM) deployments, where malicious instructions embedded in user inputs can override system prompts and induce unintended behaviors. This paper presents a…

Cryptography and Security · Computer Science 2025-12-18 S M Asif Hossain , Ruksat Khan Shayoni , Mohd Ruhul Ameen , Akif Islam , M. F. Mridha , Jungpil Shin

When large language model (LLM) agents are increasingly deployed to automate tasks and interact with untrusted external data, prompt injection emerges as a significant security threat. By injecting malicious instructions into the data that…

Cryptography and Security · Computer Science 2026-02-05 Yizhu Wang , Sizhe Chen , Raghad Alkhudair , Basel Alomair , David Wagner

Agent hijacking, highlighted by OWASP as a critical threat to the Large Language Model (LLM) ecosystem, enables adversaries to manipulate execution by injecting malicious instructions into retrieved content. Most existing attacks rely on…

Artificial Intelligence · Computer Science 2026-02-20 Xinhao Deng , Jiaqing Wu , Miao Chen , Yue Xiao , Ke Xu , Qi Li

As Large Language Models (LLMs) grow increasingly powerful, multi-agent systems are becoming more prevalent in modern AI applications. Most safety research, however, has focused on vulnerabilities in single-agent LLMs. These include prompt…

Multiagent Systems · Computer Science 2024-10-11 Donghyun Lee , Mo Tiwari

Tool-augmented Large Language Model (LLM) agents have demonstrated impressive capabilities in automating complex, multi-step real-world tasks, yet remain vulnerable to indirect prompt injection. Adversaries exploit this weakness by…

Cryptography and Security · Computer Science 2026-05-12 Wei Zhao , Zhe Li , Peixin Zhang , Jun Sun

Recent work has embodied LLMs as agents, allowing them to access tools, perform actions, and interact with external content (e.g., emails or websites). However, external content introduces the risk of indirect prompt injection (IPI)…

Computation and Language · Computer Science 2024-08-06 Qiusi Zhan , Zhixiang Liang , Zifan Ying , Daniel Kang

Prompt injection attacks can compromise the security and stability of critical systems, from infrastructure to large web applications. This work curates and augments a prompt injection dataset based on the HackAPrompt Playground Submissions…

Cryptography and Security · Computer Science 2025-12-16 Safwan Shaheer , G. M. Refatul Islam , Mohammad Rafid Hamid , Md. Abrar Faiaz Khan , Md. Omar Faruk , Yaseen Nur

In this fast-evolving area of LLMs, our paper discusses the significant security risk presented by prompt injection attacks. It focuses on small open-sourced models, specifically the LLaMA family of models. We introduce novel defense…

Cryptography and Security · Computer Science 2025-12-19 Safwan Shaheer , G. M. Refatul Islam , Mohammad Rafid Hamid , Tahsin Zaman Jilan

Large Language Model (LLM) agents increasingly use external tools for complex tasks and rely on embedding-based retrieval to select a small top-k subset for reasoning. As these systems scale, the robustness of this retrieval stage is…

Computation and Language · Computer Science 2026-03-17 Hussein Jawad , Nicolas J-B Brunel

When large language model (LLM) systems interact with external data to perform complex tasks, a new attack, namely prompt injection, becomes a significant threat. By injecting instructions into the data accessed by the system, the attacker…

Cryptography and Security · Computer Science 2025-08-26 Sizhe Chen , Yizhu Wang , Nicholas Carlini , Chawin Sitawarin , David Wagner

LLM-as-a-Judge uses a large language model (LLM) to select the best response from a set of candidates for a given question. LLM-as-a-Judge has many applications such as LLM-powered search, reinforcement learning with AI feedback (RLAIF),…

Cryptography and Security · Computer Science 2025-08-26 Jiawen Shi , Zenghui Yuan , Yinuo Liu , Yue Huang , Pan Zhou , Lichao Sun , Neil Zhenqiang Gong

Large language model (LLM) agents are widely deployed in real-world applications, where they leverage tools to retrieve and manipulate external data for complex tasks. However, when interacting with untrusted data sources (e.g., fetching…

Cryptography and Security · Computer Science 2025-08-22 Hengyu An , Jinghuai Zhang , Tianyu Du , Chunyi Zhou , Qingming Li , Tao Lin , Shouling Ji

Tool-calling has changed Large Language Model (LLM) applications by integrating external tools, significantly enhancing their functionality across diverse tasks. However, this integration also introduces new security vulnerabilities,…

Cryptography and Security · Computer Science 2025-06-17 Haowei Wang , Rupeng Zhang , Junjie Wang , Mingyang Li , Yuekai Huang , Dandan Wang , Qing Wang

Agentic AI coding editors driven by large language models have recently become more popular due to their ability to improve developer productivity during software development. Modern editors such as Cursor are designed not just for code…

Cryptography and Security · Computer Science 2026-04-29 Yue Liu , Yanjie Zhao , Yunbo Lyu , Ting Zhang , Haoyu Wang , David Lo

A prompt injection attack aims to inject malicious instruction/data into the input of an LLM-Integrated Application such that it produces results as an attacker desires. Existing works are limited to case studies. As a result, the…

Cryptography and Security · Computer Science 2025-11-13 Yupei Liu , Yuqi Jia , Runpeng Geng , Jinyuan Jia , Neil Zhenqiang Gong

With the advancement of technology, large language models (LLMs) have achieved remarkable performance across various natural language processing (NLP) tasks, powering LLM-integrated applications like Microsoft Copilot. However, as LLMs…

Cryptography and Security · Computer Science 2025-08-05 Yulin Chen , Haoran Li , Zihao Zheng , Yangqiu Song , Dekai Wu , Bryan Hooi
‹ Prev 1 2 3 10 Next ›