English
Related papers

Related papers: Manipulating LLM Web Agents with Indirect Prompt I…

200 papers

As the AI systems become deeply embedded in social media platforms, we've uncovered a concerning security vulnerability that goes beyond traditional adversarial attacks. It becomes important to assess the risks of LLMs before the general…

Computation and Language · Computer Science 2025-05-30 Nilanjana Das , Edward Raff , Aman Chadha , Manas Gaur

Large Language Models (LLMs) are increasingly integrated into web-based systems for content summarization, yet their susceptibility to prompt injection attacks remains a pressing concern. In this study, we explore how non-visible HTML…

Cryptography and Security · Computer Science 2025-11-12 Ishaan Verma , Arsheya Yadav

Large Language Model (LLM) agents can leverage tools such as Google Search to complete complex tasks. However, this tool usage introduces the risk of indirect prompt injections, where malicious instructions hidden in tool outputs can…

Machine Learning · Computer Science 2025-10-08 Zizhao Wang , Dingcheng Li , Vaishakh Keshava , Phillip Wallis , Ananth Balashankar , Peter Stone , Lukas Rutishauser

Powerful autonomous systems, which reason, plan, and converse using and between numerous tools and agents, are made possible by Large Language Models (LLMs), Vision-Language Models (VLMs), and new agentic AI systems, like LangChain and…

Cryptography and Security · Computer Science 2025-12-30 Toqeer Ali Syed , Mishal Ateeq Almutairi , Mahmoud Abdel Moaty

Large language model (LLM) based web agents are increasingly deployed to automate complex online tasks by directly interacting with web sites and performing actions on users' behalf. While these agents offer powerful capabilities, their…

Cryptography and Security · Computer Science 2026-02-11 Georgios Syros , Evan Rose , Brian Grinstead , Christoph Kerschbaumer , William Robertson , Cristina Nita-Rotaru , Alina Oprea

Navigation agents powered by large language models (LLMs) convert natural language instructions into executable plans and actions. Compared to text-based applications, their security is far more critical: a successful prompt injection…

Cryptography and Security · Computer Science 2026-01-21 Jiani Liu , Yixin He , Lanlan Fan , Qidi Zhong , Yushi Cheng , Meng Zhang , Yanjiao Chen , Wenyuan Xu

Large language models (LLMs) and LLM-based agents have been widely deployed in a wide range of applications in the real world, including healthcare diagnostics, financial analysis, customer support, robotics, and autonomous driving,…

Cryptography and Security · Computer Science 2025-05-20 Wenrui Xu , Keshab K. Parhi

Prompt injection attacks, where malicious input is designed to manipulate AI systems into ignoring their original instructions and following unauthorized commands instead, were first discovered by Preamble, Inc. in May 2022 and responsibly…

Cryptography and Security · Computer Science 2025-07-18 Jeremy McHugh , Kristina Šekrst , Jon Cefalu

Recent applications of LLMs in Machine Reading Comprehension (MRC) systems have shown impressive results, but the use of shortcuts, mechanisms triggered by features spuriously correlated to the true label, has emerged as a potential threat…

Computation and Language · Computer Science 2023-10-31 Mosh Levy , Shauli Ravfogel , Yoav Goldberg

With the advancement of technology, large language models (LLMs) have achieved remarkable performance across various natural language processing (NLP) tasks, powering LLM-integrated applications like Microsoft Copilot. However, as LLMs…

Cryptography and Security · Computer Science 2025-08-05 Yulin Chen , Haoran Li , Zihao Zheng , Yangqiu Song , Dekai Wu , Bryan Hooi

Following the advancement of large language models (LLMs), the development of LLM-based autonomous agents has become increasingly prevalent. As a result, the need to understand the security vulnerabilities of these agents has become a…

Cryptography and Security · Computer Science 2024-10-23 Itay Nakash , George Kour , Guy Uziel , Ateret Anaby-Tavor

Recently, web-based Large Language Model (LLM) agents autonomously perform increasingly complex tasks, thereby bringing significant convenience. However, they also amplify the risks of malicious misuse cases such as unauthorized collection…

Cryptography and Security · Computer Science 2026-02-02 Sechan Lee , Sangdon Park

Multimodal Large Language Models (MLLMs) integrate vision and text to power applications, but this integration introduces new vulnerabilities. We study Image-based Prompt Injection (IPI), a black-box attack in which adversarial instructions…

Computer Vision and Pattern Recognition · Computer Science 2026-03-05 Neha Nagaraja , Lan Zhang , Zhilong Wang , Bo Zhang , Pawan Patil

In-context learning (ICL) has emerged as a powerful paradigm leveraging LLMs for specific downstream tasks by utilizing labeled examples as demonstrations (demos) in the preconditioned prompts. Despite its promising performance, crafted…

Machine Learning · Computer Science 2025-05-30 Xiangyu Zhou , Yao Qiang , Saleh Zare Zade , Prashant Khanduri , Dongxiao Zhu

We demonstrate how AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks. Prompt injection is reminiscent of cross-site scripting (XSS): malicious text is hidden within seemingly trusted content,…

Cryptography and Security · Computer Science 2025-11-18 Víctor Mayoral-Vilches , Per Mannermaa Rynning

Indirect Prompt Injection attacks exploit the inherent limitation of Large Language Models (LLMs) to distinguish between instructions and data in their inputs. Despite numerous defense proposals, the systematic evaluation against adaptive…

As LLMs are increasingly integrated into systems that browse, retrieve, summarize, and act on web content, webpages have become an untrusted input vector for downstream model behavior. This enables site owners, contributors, and adversaries…

Cryptography and Security · Computer Science 2026-05-01 Soheil Khodayari , Xuenan Zhang , Bhupendra Acharya , Giancarlo Pellegrino

Graphical User Interface (GUI) agents powered by Large Vision-Language Models (LVLMs) have emerged as a revolutionary approach to automating human-machine interactions, capable of autonomously operating personal devices (e.g., mobile…

Computation and Language · Computer Science 2025-09-25 Ziang Ye , Yang Zhang , Wentao Shi , Xiaoyu You , Fuli Feng , Tat-Seng Chua

Large Language Model (LLM) agents are increasingly integrated into critical systems, leveraging external tools to interact with the real world. However, this capability exposes them to Indirect Prompt Injection (IPI), where attackers embed…

Cryptography and Security · Computer Science 2026-04-14 Guangyu Gong , Zizhuang Deng

Web-browsing AI agents are increasingly deployed in enterprise settings under strict whitelists of approved domains, yet adversaries can still influence them by embedding hidden instructions in the HTML pages those domains serve. Existing…

Cryptography and Security · Computer Science 2026-05-13 Chia-Pei , Chen , Kentaroh Toyoda , Anita Lai , Alex Leung