English
Related papers

Related papers: VPI-Bench: Visual Prompt Injection Attacks for Com…

200 papers

Computer-using agents (CUAs), which can autonomously control computers to perform multi-step actions, might pose significant safety risks if misused. However, existing benchmarks mainly evaluate LMs in chatbots or simple tool use. To more…

Cryptography and Security · Computer Science 2025-09-25 Aaron Xuxiang Tian , Ruofan Zhang , Janet Tang , Ji Wang , Tianyu Shi , Jiaxin Wen

We demonstrate how AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks. Prompt injection is reminiscent of cross-site scripting (XSS): malicious text is hidden within seemingly trusted content,…

Cryptography and Security · Computer Science 2025-11-18 Víctor Mayoral-Vilches , Per Mannermaa Rynning

Embodied Artificial Intelligence (AI) promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to generalize beyond training distributions and adapt to…

Cryptography and Security · Computer Science 2026-02-10 Luis Burbano , Diego Ortiz , Qi Sun , Siwei Yang , Haoqin Tu , Cihang Xie , Yinzhi Cao , Alvaro A Cardenas

AI agents, predominantly powered by large language models (LLMs), are vulnerable to indirect prompt injection, in which malicious instructions embedded in untrusted data can trigger dangerous agent actions. This position paper discusses our…

Cryptography and Security · Computer Science 2026-04-01 Chong Xiang , Drew Zagieboylo , Shaona Ghosh , Sanjay Kariyappa , Kai Greshake , Hanshen Xiao , Chaowei Xiao , G. Edward Suh

The emergence of multimodal large language models has redefined the agent paradigm by integrating language and vision modalities with external data sources, enabling agents to better interpret human instructions and execute increasingly…

Computer Vision and Pattern Recognition · Computer Science 2025-07-29 Le Wang , Zonghao Ying , Tianyuan Zhang , Siyuan Liang , Shengshan Hu , Mingchuan Zhang , Aishan Liu , Xianglong Liu

As AI agents automate critical workloads, they remain vulnerable to indirect prompt injection (IPI) attacks. Current defenses rely on monitoring protocols that jointly evaluate an agent's Chain-of-Thought (CoT) and tool-use actions to…

Cryptography and Security · Computer Science 2026-02-26 Jafar Isbarov , Murat Kantarcioglu

Computer-using agents (CUAs) act directly on graphical user interfaces, yet their perception of the screen is often unreliable. Existing work largely treats these failures as performance limitations, asking whether an action succeeds,…

Computer Vision and Pattern Recognition · Computer Science 2026-03-17 Xunzhuo Liu , Bowei He , Xue Liu , Andy Luo , Haichen Zhang , Huamin Chen

Vision-Language Models (VLMs) are increasingly deployed as autonomous agents to navigate mobile graphical user interfaces (GUIs). Operating in dynamic on-device ecosystems, which include notifications, pop-ups, and inter-app interactions,…

Cryptography and Security · Computer Science 2026-03-06 Chiyu Chen , Xinhao Song , Yunkai Chai , Yang Yao , Haodong Zhao , Lijun Li , Jie Li , Yan Teng , Gongshen Liu , Yingchun Wang

Computer-use agents (CUAs) that interact with real computer systems can perform automated tasks but face critical safety risks. Ambiguous instructions may trigger harmful actions, and adversarial users can manipulate tool execution to…

Artificial Intelligence · Computer Science 2026-02-04 Tianyu Chen , Chujia Hu , Ge Gao , Dongrui Liu , Xia Hu , Wenjie Wang

LLM based agents are increasingly deployed in high stakes settings where they process external data sources such as emails, documents, and code repositories. This creates exposure to indirect prompt injection attacks, where adversarial…

Prompt injection is the most critical vulnerability in deployed AI agents. Despite recent progress, we show that the prevailing defense paradigm (data-instruction separation) both fails to detect attacks that operate through contextual…

Cryptography and Security · Computer Science 2026-05-19 Sahar Abdelnabi , Eugene Bagdasarian

Evolving AI systems increasingly deploy multi-agent architectures where autonomous agents collaborate, share information, and delegate tasks through developing protocols. This connectivity, while powerful, introduces novel security risks.…

Cryptography and Security · Computer Science 2025-07-30 Gauri Sharma , Vidhi Kulkarni , Miles King , Ken Huang

Powerful autonomous systems, which reason, plan, and converse using and between numerous tools and agents, are made possible by Large Language Models (LLMs), Vision-Language Models (VLMs), and new agentic AI systems, like LangChain and…

Cryptography and Security · Computer Science 2025-12-30 Toqeer Ali Syed , Mishal Ateeq Almutairi , Mahmoud Abdel Moaty

Large Vision-Language Models (LVLMs) are increasingly deployed in real-world intelligent systems for perception and reasoning in open physical environments. While LVLMs are known to be vulnerable to prompt injection attacks, existing…

Computer Vision and Pattern Recognition · Computer Science 2026-01-27 Chen Ling , Kai Hu , Hangcheng Liu , Xingshuo Han , Tianwei Zhang , Changhai Ou

Computer-Use Agents (CUAs) are emerging as a new paradigm in human-computer interaction, enabling autonomous execution of tasks in desktop environment by perceiving high-level natural-language instructions. As such agents become…

Artificial Intelligence · Computer Science 2026-03-13 Marta Sumyk , Oleksandr Kosovan

Vision-language artificial intelligence models (VLMs) possess medical knowledge and can be employed in healthcare in numerous ways, including as image interpreters, virtual scribes, and general decision support systems. However, here, we…

Cryptography and Security · Computer Science 2025-03-20 Jan Clusmann , Dyke Ferber , Isabella C. Wiest , Carolin V. Schneider , Titus J. Brinker , Sebastian Foersch , Daniel Truhn , Jakob N. Kather

Web applications are prime targets for cyberattacks as gateways to critical services and sensitive data. Traditional penetration testing is costly and expertise-intensive, making it difficult to scale with the growing web ecosystem. While…

Cryptography and Security · Computer Science 2025-10-15 Xiaoxue Ren , Penghao Jiang , Kaixin Li , Zhiyong Huang , Xiaoning Du , Jiaojiao Jiang , Zhenchang Xing , Jiamou Sun , Terry Yue Zhuo

Web agents powered by vision-language models (VLMs) enable autonomous interaction with web environments by perceiving and acting on both visual and textual webpage content to accomplish user-specified tasks. However, they are highly…

Cryptography and Security · Computer Science 2026-04-15 Yulin Chen , Tri Cao , Haoran Li , Yue Liu , Yibo Li , Yufei He , Le Minh Khoi , Yangqiu Song , Shuicheng Yan , Bryan Hooi

In the rapidly evolving landscape of artificial intelligence, ChatGPT has been widely used in various applications. The new feature - customization of ChatGPT models by users to cater to specific needs has opened new frontiers in AI…

Cryptography and Security · Computer Science 2024-05-28 Jiahao Yu , Yuhang Wu , Dong Shu , Mingyu Jin , Sabrina Yang , Xinyu Xing

Evaluating Computer Use Agents (CUAs) on interactive environments is fraught with methodological pitfalls that the field has yet to systematically address. We show that a 1MB replay script that blindly executes a recorded action sequence…

Software Engineering · Computer Science 2026-05-12 Pierluca D'Oro , Sneha Silwal , William Wong , Yuxuan Sun , Fanyi Xiao , Manchen Wang , Eric Gan , Allen Bolourchi , Joseph Tighe