English
Related papers

Related papers: Skill-Inject: Measuring Agent Vulnerability to Ski…

200 papers

Previous benchmarks on prompt injection in large language models (LLMs) have primarily focused on generic tasks and attacks, offering limited insights into more complex threats like data exfiltration. This paper examines how prompt…

Cryptography and Security · Computer Science 2025-06-03 Meysam Alizadeh , Zeynab Samei , Daria Stetsenko , Fabrizio Gilardi

Third-party skills extend LLM agents with powerful capabilities but often handle sensitive credentials in privileged environments, making leakage risks poorly understood. We present the first large-scale empirical study of this problem,…

Cryptography and Security · Computer Science 2026-04-06 Zhihao Chen , Ying Zhang , Yi Liu , Gelei Deng , Yuekang Li , Yanjun Zhang , Jianting Ning , Leo Yu Zhang , Lei Ma , Zhiqiang Li

Recently, skills have been widely adopted in large language model (LLM)-based agent systems across various domains. In existing frameworks, skills are typically injected into the agent reasoning loop as contextual guidance once matched to a…

Artificial Intelligence · Computer Science 2026-05-18 Duling Xu , Zheng Chen , Zaifeng Pan , Jiawei Guan , Dong Dong , Jialin Li , Bangzheng Pu

LLM agents process trusted instructions, retrieved records, and tool observations through a common generative channel. This conflates data flow with authority: an untrusted string can affect a secret-bearing response or an action proposal…

Cryptography and Security · Computer Science 2026-05-27 Faruk Alpay , Taylan Alpay

Agent skills, structured procedural knowledge packages injected at inference time, are increasingly used to augment LLM agents on software engineering tasks. However, their real utility in end-to-end development settings remains unclear. We…

Software Engineering · Computer Science 2026-03-17 Tingxu Han , Yi Zhang , Wei Song , Chunrong Fang , Zhenyu Chen , Youcheng Sun , Lijie Hu

AI agents powered by large language models (LLMs) are being deployed at scale, yet we lack a systematic understanding of how the choice of backbone LLM affects agent security. The non-deterministic sequential nature of AI agents complicates…

Cryptography and Security · Computer Science 2026-02-25 Julia Bazinska , Max Mathys , Francesco Casucci , Mateo Rojas-Carulla , Xander Davies , Alexandra Souly , Niklas Pfister

As AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt…

Agent Skills is an emerging open standard that defines a modular, filesystem-based packaging format enabling LLM-based agents to acquire domain-specific expertise on demand. Despite rapid adoption across multiple agentic platforms and the…

Cryptography and Security · Computer Science 2026-04-06 Zhiyuan Li , Jingzheng Wu , Xiang Ling , Xing Cui , Tianyue Luo

Skill-based agent systems tackle complex tasks by composing reusable skills, improving modularity and scalability while introducing a largely unexamined security attack surface. We propose SkillTrojan, a backdoor attack that targets skill…

Cryptography and Security · Computer Science 2026-05-29 Yunhao Feng , Yifan Ding , Yingshui Tan , Boren Zheng , Yanming Guo , Xiaolong Li , Kun Zhai , Yishan Li , Wenke Huang

Large language models (LLMs) are becoming a popular tool as they have significantly advanced in their capability to tackle a wide range of language-based tasks. However, LLMs applications are highly vulnerable to prompt injection attacks,…

Computation and Language · Computer Science 2024-11-11 Md Abdur Rahman , Fan Wu , Alfredo Cuzzocrea , Sheikh Iqbal Ahamed

Large language model (LLM)-based agents combine LLMs with external tools to automate tasks such as scheduling meetings, managing documents, or booking travel. While these integrations unlock powerful capabilities, they also create new and…

Cryptography and Security · Computer Science 2026-04-22 Jonathan Evertz , Merlin Chlosta , Lea Schönherr , Thorsten Eisenhofer

As Large Language Models (LLMs) grow increasingly powerful, multi-agent systems are becoming more prevalent in modern AI applications. Most safety research, however, has focused on vulnerabilities in single-agent LLMs. These include prompt…

Multiagent Systems · Computer Science 2024-10-11 Donghyun Lee , Mo Tiwari

AI agents are vulnerable to indirect prompt injection attacks, where malicious instructions embedded in external content or tool outputs cause unintended or harmful behavior. Inspired by the well-established concept of firewalls, we show…

Cryptography and Security · Computer Science 2026-03-24 Rishika Bhagwatkar , Kevin Kasa , Abhay Puri , Gabriel Huang , Irina Rish , Graham W. Taylor , Krishnamurthy Dj Dvijotham , Alexandre Lacoste

LLM agents are increasingly deployed in long-horizon, complex environments to solve challenging problems, but this expansion exposes them to long-horizon attacks that exploit multi-turn user-agent-environment interactions to achieve…

Artificial Intelligence · Computer Science 2026-02-20 Tanqiu Jiang , Yuhui Wang , Jiacheng Liang , Ting Wang

The critical challenge of prompt injection attacks in Large Language Models (LLMs) integrated applications, a growing concern in the Artificial Intelligence (AI) field. Such attacks, which manipulate LLMs through natural language inputs,…

Cryptography and Security · Computer Science 2024-01-17 Xuchen Suo

The rapid proliferation of LLM-based autonomous agents in real operating system environments introduces a new category of safety risk beyond content safety: behavior jailbreak, where an adversary induces an agent to execute dangerous…

Cryptography and Security · Computer Science 2026-05-12 Chiyu Zhang , Huiqin Yang , Bendong Jiang , Xiaolei Zhang , Yiran Zhao , Ruyi Chen , Lu Zhou , Xiaogang Xu , Jiafei Wu , Liming Fang , Zhe Liu

This study systematically analyzes the vulnerability of 36 large language models (LLMs) to various prompt injection attacks, a technique that leverages carefully crafted prompts to elicit malicious LLM behavior. Across 144 prompt injection…

A Large Language Model (LLM) powered GUI agent is a specialized autonomous system that performs tasks on the user's behalf according to high-level instructions. It does so by perceiving and interpreting the graphical user interfaces (GUIs)…

Agent Skills have become a practical way to extend LLM agents by packaging metadata, natural-language instructions, and executable resources into reusable capability bundles. However, this growing Skill ecosystem introduces a new compliance…

Cryptography and Security · Computer Science 2026-05-08 Jiangrong Wu , Yuhong Nan , Yixi Lin , Huaijin Wang , Yuming Xiao , Shuai Wang , Zibin Zheng

AI agents aim to solve complex tasks by combining text-based reasoning with external tool calls. Unfortunately, AI agents are vulnerable to prompt injection attacks where data returned by external tools hijacks the agent to execute…

Cryptography and Security · Computer Science 2024-11-26 Edoardo Debenedetti , Jie Zhang , Mislav Balunović , Luca Beurer-Kellner , Marc Fischer , Florian Tramèr