English
Related papers

Related papers: Skill-Inject: Measuring Agent Vulnerability to Ski…

200 papers

Enabling continual learning in LLMs remains a key unresolved research challenge. In a recent announcement, a frontier LLM company made a step towards this by introducing Agent Skills, a framework that equips agents with new knowledge based…

Machine Learning · Computer Science 2025-10-31 David Schmotz , Sahar Abdelnabi , Maksym Andriushchenko

The rise of AI agent frameworks has introduced agent skills, modular packages containing instructions and executable code that dynamically extend agent capabilities. While this architecture enables powerful customization, skills execute…

Cryptography and Security · Computer Science 2026-01-16 Yi Liu , Weizhe Wang , Ruitao Feng , Yao Zhang , Guangquan Xu , Gelei Deng , Yuekang Li , Leo Zhang

LLM-based agent systems increasingly rely on agent skills sourced from open registries to extend their capabilities, yet the openness of such ecosystems makes skills difficult to thoroughly vet. Existing attacks rely on injecting malicious…

Cryptography and Security · Computer Science 2026-04-08 Zenghao Duan , Yuxin Tian , Zhiyi Yin , Liang Pang , Jingcheng Deng , Zihao Wei , Shicheng Xu , Yuyao Ge , Xueqi Cheng

Agent skills are increasingly used to extend LLM agents with task-specific instructions, executable scripts, and auxiliary resources. While improving reusability, this modular design also introduces a new supply-chain attack surface: a…

Cryptography and Security · Computer Science 2026-05-19 Xiaojun Jia , Jie Liao , Simeng Qin , Jindong Gu , Wenqi Ren , Xiaochun Cao , Yang Liu , Philip Torr

Reusable skills are becoming a common interface for extending large language model agents, packaging procedural guidance with access to files, tools, memory, and execution environments. However, this modularity introduces attack surfaces…

Cryptography and Security · Computer Science 2026-05-28 Chang Jin , An Wang , Zeming Wei , Kai Wang , Biaojie Zeng , Qiaosheng Zhang , Chao Yang , Jingjing Qu , Xia Hu , Xingcheng Xu

Large language model (LLM) agents increasingly rely on skills to package reusable capabilities through instructions, tools, and resources. High-quality skills embed expert knowledge, curated workflows, and execution constraints into agents,…

Cryptography and Security · Computer Science 2026-04-28 Zihan Wang , Rui Zhang , Yu Liu , Chi Liu , Qingchuan Zhao , Hongwei Li , Guowen Xu

Recent work has embodied LLMs as agents, allowing them to access tools, perform actions, and interact with external content (e.g., emails or websites). However, external content introduces the risk of indirect prompt injection (IPI)…

Computation and Language · Computer Science 2024-08-06 Qiusi Zhan , Zhixiang Liang , Zifan Ying , Daniel Kang

The robustness of LLMs to jailbreak attacks, where users design prompts to circumvent safety measures and misuse model capabilities, has been studied primarily for LLMs acting as simple chatbots. Meanwhile, LLM agents -- which use external…

LLM agents now draw on growing skill libraries to handle complex tasks. However, injecting more skills does not always improve task completion and can even degrade it. Existing methods still treat skill injection as a static step, selecting…

Artificial Intelligence · Computer Science 2026-05-29 Yanchao Li , Wanhao Liu , Ben Gao , Jiaqing Xie , Zhehong Ai , Na Zou , Yuqiang Li , Tianfan Fu

Third-party skills are becoming the package ecosystem for LLM agents. They package natural-language instructions, helper scripts, templates, documents, and service configuration into reusable workflows. This makes skills useful, but it also…

Cryptography and Security · Computer Science 2026-05-15 Haomin Zhuang , Hanwen Xing , Yujun Zhou , Yuchen Ma , Yue Huang , Yili Shen , Yufei Han , Xiangliang Zhang

Large language models (LLMs) have evolved into autonomous agents that rely on open skill ecosystems (e.g., ClawHub and Skills.Rest), hosting numerous publicly reusable skills. Existing security research on these ecosystems mainly focuses on…

Cryptography and Security · Computer Science 2026-04-20 Yukun Jiang , Yage Zhang , Michael Backes , Xinyue Shen , Yang Zhang

Large Language Model (LLM) agents are increasingly being deployed as conversational assistants capable of performing complex real-world tasks through tool integration. This enhanced ability to interact with external systems and process…

Cryptography and Security · Computer Science 2024-12-24 Feiran Jia , Tong Wu , Xin Qin , Anna Squicciarini

Agent skills introduce a new and more severe form of indirect injection for LLM agents: unlike traditional indirect prompt injection, attackers can hide malicious instructions inside a dense, action-oriented skill that already functions as…

Cryptography and Security · Computer Science 2026-04-28 Wenjie Xiao , Xuehai Tang , Biyu Zhou , Songlin Hu , Jizhong Han

Personal AI agents like OpenClaw run with elevated privileges on users' local machines, where a single successful prompt injection can leak credentials, redirect financial transactions, or destroy files. This threat goes well beyond…

Artificial Intelligence · Computer Science 2026-04-07 Bowen Wei , Yunbei Zhang , Jinhao Pan , Kai Mei , Xiao Wang , Jihun Hamm , Ziwei Zhu , Yingqiang Ge

Although LLM-based agents, powered by Large Language Models (LLMs), can use external tools and memory mechanisms to solve complex real-world tasks, they may also introduce critical security vulnerabilities. However, the existing literature…

Cryptography and Security · Computer Science 2025-06-02 Hanrong Zhang , Jingyuan Huang , Kai Mei , Yifei Yao , Zhenting Wang , Chenlu Zhan , Hongwei Wang , Yongfeng Zhang

AI agents, predominantly powered by large language models (LLMs), are vulnerable to indirect prompt injection, in which malicious instructions embedded in untrusted data can trigger dangerous agent actions. This position paper discusses our…

Cryptography and Security · Computer Science 2026-04-01 Chong Xiang , Drew Zagieboylo , Shaona Ghosh , Sanjay Kariyappa , Kai Greshake , Hanshen Xiao , Chaowei Xiao , G. Edward Suh

Autonomous AI agents powered by large language models (LLMs) with structured function-calling interfaces enable real-time data retrieval, computation, and multi-step orchestration. However, the rapid growth of plugins, connectors, and…

Cryptography and Security · Computer Science 2025-12-16 Mohamed Amine Ferrag , Norbert Tihanyi , Djallel Hamouda , Leandros Maglaras , Abderrahmane Lakas , Merouane Debbah

LLM-based coding agents extend their capabilities via third-party agent skills distributed through open marketplaces without mandatory security review. Unlike traditional packages, these skills are executed as operational directives with…

Cryptography and Security · Computer Science 2026-04-06 Yubin Qu , Yi Liu , Tongcheng Geng , Gelei Deng , Yuekang Li , Leo Yu Zhang , Ying Zhang , Lei Ma

Tool-augmented Large Language Model (LLM) agents have demonstrated impressive capabilities in automating complex, multi-step real-world tasks, yet remain vulnerable to indirect prompt injection. Adversaries exploit this weakness by…

Cryptography and Security · Computer Science 2026-05-12 Wei Zhao , Zhe Li , Peixin Zhang , Jun Sun

High-privilege LLM agents that autonomously process external documentation are increasingly trusted to automate tasks by reading and executing project instructions, yet they are granted terminal access, filesystem control, and outbound…

Cryptography and Security · Computer Science 2026-03-13 Ching-Yu Kao , Xinfeng Li , Shenyu Dai , Tianze Qiu , Pengcheng Zhou , Eric Hanchen Jiang , Philip Sperl
‹ Prev 1 2 3 10 Next ›