English
Related papers

Related papers: Simple Prompt Injection Attacks Can Leak Personal …

200 papers

AI agents aim to solve complex tasks by combining text-based reasoning with external tool calls. Unfortunately, AI agents are vulnerable to prompt injection attacks where data returned by external tools hijacks the agent to execute…

Cryptography and Security · Computer Science 2024-11-26 Edoardo Debenedetti , Jie Zhang , Mislav Balunović , Luca Beurer-Kellner , Marc Fischer , Florian Tramèr

Indirect prompt injection threatens LLM agents by embedding malicious instructions in external content, enabling unauthorized actions and data theft. LLM agents maintain working memory through their context window, which stores interaction…

Cryptography and Security · Computer Science 2026-02-10 Ruoyao Wen , Hao Li , Chaowei Xiao , Ning Zhang

Large language model (LLM)-based agents combine LLMs with external tools to automate tasks such as scheduling meetings, managing documents, or booking travel. While these integrations unlock powerful capabilities, they also create new and…

Cryptography and Security · Computer Science 2026-04-22 Jonathan Evertz , Merlin Chlosta , Lea Schönherr , Thorsten Eisenhofer

Agentic large language model systems increasingly automate tasks by retrieving URLs and calling external tools. We show that this workflow gives rise to implicit prompt injection: adversarial instructions embedded in automatically generated…

Cryptography and Security · Computer Science 2026-02-27 Qianlong Lan , Anuj Kaul , Shaun Jones , Stephanie Westrum

Large Language Model (LLM) agents are increasingly being deployed as conversational assistants capable of performing complex real-world tasks through tool integration. This enhanced ability to interact with external systems and process…

Cryptography and Security · Computer Science 2024-12-24 Feiran Jia , Tong Wu , Xin Qin , Anna Squicciarini

AI agents are vulnerable to indirect prompt injection attacks, where malicious instructions embedded in external content or tool outputs cause unintended or harmful behavior. Inspired by the well-established concept of firewalls, we show…

Cryptography and Security · Computer Science 2026-03-24 Rishika Bhagwatkar , Kevin Kasa , Abhay Puri , Gabriel Huang , Irina Rish , Graham W. Taylor , Krishnamurthy Dj Dvijotham , Alexandre Lacoste

Large Language Model (LLM) agents offer a powerful new paradigm for solving various problems by combining natural language reasoning with the execution of external tools. However, their dynamic and non-transparent behavior introduces…

Cryptography and Security · Computer Science 2025-11-19 Peiran Wang , Yang Liu , Yunfei Lu , Yifeng Cai , Hongbo Chen , Qingyou Yang , Jie Zhang , Jue Hong , Ye Wu

Despite their potential, recent research has demonstrated that LLM agents are vulnerable to prompt injection attacks, where malicious prompts are injected into the agent's input, causing it to perform an attacker-specified task rather than…

As Large Language Models (LLMs) grow increasingly powerful, multi-agent systems are becoming more prevalent in modern AI applications. Most safety research, however, has focused on vulnerabilities in single-agent LLMs. These include prompt…

Multiagent Systems · Computer Science 2024-10-11 Donghyun Lee , Mo Tiwari

Large Language Model (LLM) agents have achieved rapid adoption and demonstrated remarkable capabilities across a wide range of applications. To improve reasoning and task execution, modern LLM agents would incorporate memory modules or…

Cryptography and Security · Computer Science 2026-04-14 Xingyu Lyu , Jianfeng He , Ning Wang , Yidan Hu , Tao Li , Danjue Chen , Shixiong Li , Yimin Chen

Large language model (LLM) agents increasingly rely on external tools and retrieval systems to autonomously complete complex tasks. However, this design exposes agents to indirect prompt injection (IPI), where attacker-controlled context…

Cryptography and Security · Computer Science 2026-02-27 Tian Zhang , Yiwei Xu , Juan Wang , Keyan Guo , Xiaoyang Xu , Bowen Xiao , Quanlong Guan , Jinlin Fan , Jiawei Liu , Zhiquan Liu , Hongxin Hu

Enabling continual learning in LLMs remains a key unresolved research challenge. In a recent announcement, a frontier LLM company made a step towards this by introducing Agent Skills, a framework that equips agents with new knowledge based…

Machine Learning · Computer Science 2025-10-31 David Schmotz , Sahar Abdelnabi , Maksym Andriushchenko

LLM agents are evolving rapidly, powered by code execution, tools, and the recently introduced agent skills feature. Skills allow users to extend LLM applications with specialized third-party code, knowledge, and instructions. Although this…

Cryptography and Security · Computer Science 2026-02-26 David Schmotz , Luca Beurer-Kellner , Sahar Abdelnabi , Maksym Andriushchenko

Tool-Based Agent Systems (TBAS) allow Language Models (LMs) to use external tools for tasks beyond their standalone capabilities, such as searching websites, booking flights, or making financial transactions. However, these tools greatly…

Cryptography and Security · Computer Science 2025-02-17 Peter Yong Zhong , Siyuan Chen , Ruiqi Wang , McKenna McCall , Ben L. Titzer , Heather Miller , Phillip B. Gibbons

Prompt leakage poses a compelling security and privacy threat in LLM applications. Leakage of system prompts may compromise intellectual property, and act as adversarial reconnaissance for an attacker. A systematic evaluation of prompt…

Cryptography and Security · Computer Science 2024-07-30 Divyansh Agarwal , Alexander R. Fabbri , Ben Risher , Philippe Laban , Shafiq Joty , Chien-Sheng Wu

AI agents, predominantly powered by large language models (LLMs), are vulnerable to indirect prompt injection, in which malicious instructions embedded in untrusted data can trigger dangerous agent actions. This position paper discusses our…

Cryptography and Security · Computer Science 2026-04-01 Chong Xiang , Drew Zagieboylo , Shaona Ghosh , Sanjay Kariyappa , Kai Greshake , Hanshen Xiao , Chaowei Xiao , G. Edward Suh

Prompt injection attacks represent a major vulnerability in Large Language Model (LLM) deployments, where malicious instructions embedded in user inputs can override system prompts and induce unintended behaviors. This paper presents a…

Cryptography and Security · Computer Science 2025-12-18 S M Asif Hossain , Ruksat Khan Shayoni , Mohd Ruhul Ameen , Akif Islam , M. F. Mridha , Jungpil Shin

The rapid adoption of Large Language Model (LLM) agents and multi-agent systems enables remarkable capabilities in natural language processing and generation. However, these systems introduce security vulnerabilities that extend beyond…

Cryptography and Security · Computer Science 2026-05-12 Matteo Lupinacci , Francesco Aurelio Pironti , Francesco Blefari , Francesco Romeo , Luigi Arena , Angelo Furfaro

This paper presents a novel approach to evaluating the security of large language models (LLMs) against prompt leakage-the exposure of system-level prompts or proprietary configurations. We define prompt leakage as a critical threat to…

Cryptography and Security · Computer Science 2025-02-19 Tvrtko Sternak , Davor Runje , Dorian Granoša , Chi Wang

Large Language Models (LLMs) are increasingly deployed in agentic systems that interact with an untrusted environment. However, LLM agents are vulnerable to prompt injection attacks when handling untrusted data. In this paper we propose…

‹ Prev 1 2 3 10 Next ›