English
Related papers

Related papers: ceLLMate: Sandboxing Browser AI Agents

200 papers

The integration of artificial intelligence (AI) agents into web browsers introduces security challenges that go beyond traditional web application threat models. Prior work has identified prompt injection as a new attack vector for web…

Machine Learning · Computer Science 2025-11-26 Kaiyuan Zhang , Mark Tenenholtz , Kyle Polley , Jerry Ma , Denis Yarats , Ninghui Li

Autonomous UI agents powered by AI have tremendous potential to boost human productivity by automating routine tasks such as filing taxes and paying bills. However, a major challenge in unlocking their full potential is security, which is…

Cryptography and Security · Computer Science 2025-05-20 Ivan Evtimov , Arman Zharmagambetov , Aaron Grattafiori , Chuan Guo , Kamalika Chaudhuri

Autonomous browsing agents powered by large language models (LLMs) are increasingly used to automate web-based tasks. However, their reliance on dynamic content, tool execution, and user-provided data exposes them to a broad attack surface.…

Cryptography and Security · Computer Science 2025-05-20 Mykyta Mudryi , Markiyan Chaklosh , Grzegorz Wójcik

Computer Use Agents (CUAs), autonomous systems that interact with software interfaces via browsers or virtual machines, are rapidly being deployed in consumer and enterprise environments. These agents introduce novel attack surfaces and…

The rapid advancement of Large Language Models (LLMs) is catalyzing a shift towards autonomous AI Agents capable of executing complex, multi-step tasks. However, these agents remain brittle when faced with real-world exceptions, making…

Large language model (LLM) agents are increasingly capable of autonomously conducting cyberattacks, posing significant threats to existing applications. This growing risk highlights the urgent need for a real-world benchmark to evaluate the…

Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions…

Cryptography and Security · Computer Science 2025-10-16 Avihay Cohen

Computer-Use Agents (CUAs) with full system access enable powerful task automation but pose significant security and privacy risks due to their ability to manipulate files, access user data, and execute arbitrary commands. While prior work…

Artificial Intelligence · Computer Science 2026-03-03 Tri Cao , Bennett Lim , Yue Liu , Yuan Sui , Yuexin Li , Shumin Deng , Lin Lu , Nay Oo , Shuicheng Yan , Bryan Hooi

Web agents, powered by large language models (LLMs), are increasingly deployed to automate complex web interactions. The rise of open-source frameworks (e.g., Browser Use, Skyvern-AI) has accelerated adoption, but also broadened the attack…

Cryptography and Security · Computer Science 2026-01-13 Xinyi Wu , Geng Hong , Yueyue Chen , MingXuan Liu , Feier Jin , Xudong Pan , Jiarun Dai , Baojun Liu

Browser agents built on LLMs can act in web interfaces, yet most remain confined to a single chat surface (e.g., a sidebar). This mismatch with real browsing can increase context-switching and reduce user control. We introduce…

Human-Computer Interaction · Computer Science 2026-03-25 Wanying Mo , Jijia Lai , Xiaoming Wang

Autonomous web navigation agents, which translate natural language instructions into sequences of browser actions, are increasingly deployed for complex tasks across e-commerce, information retrieval, and content discovery. Due to the…

Cryptography and Security · Computer Science 2025-06-24 Atharv Singh Patlan , Ashwin Hebbar , Pramod Viswanath , Prateek Mittal

We introduce WebGames, a comprehensive benchmark suite designed to evaluate general-purpose web-browsing AI agents through a collection of 50+ interactive challenges. These challenges are specifically crafted to be straightforward for…

Machine Learning · Computer Science 2025-02-26 George Thomas , Alex J. Chan , Jikun Kang , Wenqi Wu , Filippos Christianos , Fraser Greenlee , Andy Toulis , Marvin Purtorab

AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior to steal credentials or cause financial loss. The only known robust defense is architectural isolation that strictly separates trusted task…

Recent advances in large language models and agentic frameworks have enabled virtual customer assistants (VCAs) for complex support. We present SecMate, a multi-agent VCA for cybersecurity troubleshooting that integrates device, user, and…

Cryptography and Security · Computer Science 2026-04-30 Yair Meidan , Omri Haller , Yulia Moshan , Shahaf David , Dudu Mimran , Yuval Elovici , Asaf Shabtai

Browser agents are increasingly deployed in long-horizon tasks, which require executing extended action chains to accomplish user goals. However, this prolonged execution process provides attackers with more opportunities to inject…

Cryptography and Security · Computer Science 2026-05-12 Zhichao Liu , Wenbo Pan , Haining Yu , Ge Gao , Tianqing Zhu , Xiaohua Jia

Web-use agents are rapidly being deployed to automate complex web tasks with extensive browser capabilities. However, these capabilities create a critical and previously unexplored attack surface. This paper demonstrates how attackers can…

Cryptography and Security · Computer Science 2025-10-22 Avishag Shapira , Parth Atulbhai Gandhi , Edan Habler , Asaf Shabtai

The transition of Large Language Models (LLMs) from passive code generators to autonomous agents introduces significant safety risks, specifically regarding destructive commands and inconsistent system states. Existing commercial solutions…

Artificial Intelligence · Computer Science 2025-12-16 Boyang Yan

Computer-use agents (CUAs) promise to automate complex tasks across operating systems (OS) and the web, but remain vulnerable to indirect prompt injection. Current evaluations of this threat either lack support realistic but controlled…

Computation and Language · Computer Science 2026-03-03 Zeyi Liao , Jaylen Jones , Linxi Jiang , Yuting Ning , Eric Fosler-Lussier , Yu Su , Zhiqiang Lin , Huan Sun

Browser agents enable autonomous web interaction but face critical reliability and security challenges in production. This paper presents findings from building and operating a production browser agent. The analysis examines where current…

Software Engineering · Computer Science 2025-11-26 Aram Vardanyan

Computer-Using Agents (CUAs) are rapidly extending large language models (LLMs) beyond text-based reasoning toward action execution in more complex environments, such as web browsers and graphical user interfaces (GUIs). However, existing…

‹ Prev 1 2 3 10 Next ›