English
Related papers

Related papers: Skill-Inject: Measuring Agent Vulnerability to Ski…

200 papers

The transition from monolithic language models to modular, skill-equipped agents marks a defining shift in how large language models (LLMs) are deployed in practice. Rather than encoding all procedural knowledge within model weights, agent…

Multiagent Systems · Computer Science 2026-02-18 Renjun Xu , Yang Yan

Agent Skills are structured packages of procedural knowledge that augment LLM agents at inference time. Despite rapid adoption, there is no standard way to measure whether they actually help. We present SkillsBench, a benchmark of 86 tasks…

LLM agents often rely on Skills to describe available tools and recommended procedures. We study a hidden-comment prompt injection risk in this documentation layer: when a Markdown Skill is rendered to HTML, HTML comment blocks can become…

Cryptography and Security · Computer Science 2026-02-12 Qianli Wang , Boyang Ma , Minghui Xu , Yue Zhang

Prompt injection attacks represent a major vulnerability in Large Language Model (LLM) deployments, where malicious instructions embedded in user inputs can override system prompts and induce unintended behaviors. This paper presents a…

Cryptography and Security · Computer Science 2025-12-18 S M Asif Hossain , Ruksat Khan Shayoni , Mohd Ruhul Ameen , Akif Islam , M. F. Mridha , Jungpil Shin

Equipping LLM agents with real-world tools can substantially improve productivity. However, granting agents autonomy over tool use also transfers the associated privileges to both the agent and the underlying LLM. Improper privilege usage…

Cryptography and Security · Computer Science 2026-04-21 Quan Zhang , Lianhang Fu , Lvsi Lian , Gwihwan Go , Yujue Wang , Chijin Zhou , Yu Jiang , Geguang Pu

Recent advances in AI agents capable of solving complex, everyday tasks, from scheduling to customer service, have enabled deployment in real-world settings, but their possibilities for unsafe behavior demands rigorous evaluation. While…

Artificial Intelligence · Computer Science 2026-02-18 Sanidhya Vijayvargiya , Aditya Bharat Soni , Xuhui Zhou , Zora Zhiruo Wang , Nouha Dziri , Graham Neubig , Maarten Sap

Autonomous AI agents increasingly extend their capabilities through Agent Skills: modular filesystem packages whose SKILL.md files describe when and how agents should use them. While this design enables scalable, on-demand capability…

Artificial Intelligence · Computer Science 2026-05-13 Shoumik Saha , Kazem Faghih , Soheil Feizi

LLM agents increasingly perform end-to-end ML engineering tasks where success is judged by a single scalar test metric. This creates a structural vulnerability: an agent can increase the reported score by compromising the evaluation…

Artificial Intelligence · Computer Science 2026-03-13 Yonas Atinafu , Robin Cohen

Prompt injection attacks, where untrusted data contains an injected prompt to manipulate the system, have been listed as the top security threat to LLM-integrated applications. Model-level prompt injection defenses have shown strong…

Cryptography and Security · Computer Science 2026-02-09 Sizhe Chen , Arman Zharmagambetov , David Wagner , Chuan Guo

The rapid adoption of Large Language Model (LLM) agents and multi-agent systems enables remarkable capabilities in natural language processing and generation. However, these systems introduce security vulnerabilities that extend beyond…

Cryptography and Security · Computer Science 2026-05-12 Matteo Lupinacci , Francesco Aurelio Pironti , Francesco Blefari , Francesco Romeo , Luigi Arena , Angelo Furfaro

Skills provide an effective mechanism for improving LLM agents on complex tasks, yet in existing agent frameworks, their creation, refinement, and selection are typically governed by external teachers, hand-designed rules, or auxiliary…

Artificial Intelligence · Computer Science 2026-05-13 Min Yang , Jinghua Piao , Xu Xia , Xiaochong Lan , Jiaju Chen , Yongshun Gong , Yong Li

Large Language Models (LLMs) have been increasingly integrated into computer-use agents, which can autonomously operate tools on a user's computer to accomplish complex tasks. However, due to the inherently unstable and unpredictable nature…

Cryptography and Security · Computer Science 2025-09-10 Haitao Hu , Peng Chen , Yanpeng Zhao , Yuqi Chen

With the rapid evolution of Large Language Model (LLM) agent ecosystems, centralized skill marketplaces have emerged as pivotal infrastructure for augmenting agent capabilities. However, these marketplaces face unprecedented security…

Cryptography and Security · Computer Science 2026-03-24 Zihan Guo , Zhiyu Chen , Xiaohang Nie , Jianghao Lin , Yuanjian Zhou , Weinan Zhang

As large language models (LLMs) are increasingly deployed as agents, their integration into interactive environments and tool use introduce new safety challenges beyond those associated with the models themselves. However, the absence of…

Computation and Language · Computer Science 2025-05-21 Zhexin Zhang , Shiyao Cui , Yida Lu , Jingzhuo Zhou , Junxiao Yang , Hongning Wang , Minlie Huang

Agentic systems increasingly rely on reusable procedural capabilities, \textit{a.k.a., agentic skills}, to execute long-horizon workflows reliably. These capabilities are callable modules that package procedural knowledge with explicit…

Cryptography and Security · Computer Science 2026-02-25 Yanna Jiang , Delong Li , Haiyu Deng , Baihe Ma , Xu Wang , Qin Wang , Guangsheng Yu

Agent skills, structured packages of procedural knowledge and executable resources that agents dynamically load at inference time, have become a reliable mechanism for augmenting LLM agents. Yet inference-time skill augmentation is…

Machine Learning · Computer Science 2026-05-18 Zhengxi Lu , Zhiyuan Yao , Jinyang Wu , Chengcheng Han , Qi Gu , Xunliang Cai , Weiming Lu , Jun Xiao , Yueting Zhuang , Yongliang Shen

The growing deployment of large language model (LLM) based agents that interact with external environments has created new attack surfaces for adversarial manipulation. One major threat is indirect prompt injection, where attackers embed…

Computation and Language · Computer Science 2026-04-14 Hwan Chang , Yonghyun Jun , Hwanhee Lee

Third-party agent skills extend LLM-based agents with instruction files and executable code that run on users' machines. Skills execute with user privileges and are distributed through community registries with minimal vetting, but no…

Cryptography and Security · Computer Science 2026-03-17 Yi Liu , Zhihao Chen , Yanjun Zhang , Gelei Deng , Yuekang Li , Jianting Ning , Ying Zhang , Leo Yu Zhang

The proliferation of agentic AI coding assistants, including Claude Code, GitHub Copilot, Cursor, and emerging skill-based architectures, has fundamentally transformed software development workflows. These systems leverage Large Language…

Cryptography and Security · Computer Science 2026-01-27 Narek Maloyan , Dmitry Namiot

Indirect Prompt Injection attacks exploit the inherent limitation of Large Language Models (LLMs) to distinguish between instructions and data in their inputs. Despite numerous defense proposals, the systematic evaluation against adaptive…