English
Related papers

Related papers: Supply-Chain Poisoning Attacks Against LLM Coding …

200 papers

Agentic large language model systems increasingly automate tasks by retrieving URLs and calling external tools. We show that this workflow gives rise to implicit prompt injection: adversarial instructions embedded in automatically generated…

Cryptography and Security · Computer Science 2026-02-27 Qianlong Lan , Anuj Kaul , Shaun Jones , Stephanie Westrum

As large language models are integrated into autonomous robotic systems for task planning and control, compromised inputs or unsafe model outputs can propagate through the planning pipeline to physical-world consequences. Although prior…

Cryptography and Security · Computer Science 2026-05-05 Neha Nagaraja , Hayretdin Bahsi , Carlo R. da Cunha

Large language model (LLM)-based agents combine LLMs with external tools to automate tasks such as scheduling meetings, managing documents, or booking travel. While these integrations unlock powerful capabilities, they also create new and…

Cryptography and Security · Computer Science 2026-04-22 Jonathan Evertz , Merlin Chlosta , Lea Schönherr , Thorsten Eisenhofer

Large language model (LLM) agents increasingly rely on external tools (file operations, API calls, database transactions) to autonomously complete complex multi-step tasks. Practitioners deploy defense-trained models to protect against…

Cryptography and Security · Computer Science 2026-03-23 Shawn Li , Yue Zhao

Backdoor attacks pose a serious threat to the secure deployment of large language models (LLMs), enabling adversaries to implant hidden behaviors triggered by specific inputs. However, existing methods often rely on manually crafted…

Cryptography and Security · Computer Science 2025-11-24 Yige Li , Zhe Li , Wei Zhao , Nay Myat Min , Hanxun Huang , Xingjun Ma , Jun Sun

Skill-based agent systems tackle complex tasks by composing reusable skills, improving modularity and scalability while introducing a largely unexamined security attack surface. We propose SkillTrojan, a backdoor attack that targets skill…

Cryptography and Security · Computer Science 2026-05-29 Yunhao Feng , Yifan Ding , Yingshui Tan , Boren Zheng , Yanming Guo , Xiaolong Li , Kun Zhai , Yishan Li , Wenke Huang

Third-party skills extend LLM agents with powerful capabilities but often handle sensitive credentials in privileged environments, making leakage risks poorly understood. We present the first large-scale empirical study of this problem,…

Cryptography and Security · Computer Science 2026-04-06 Zhihao Chen , Ying Zhang , Yi Liu , Gelei Deng , Yuekang Li , Yanjun Zhang , Jianting Ning , Leo Yu Zhang , Lei Ma , Zhiqiang Li

The rapid deployment of open-source frameworks has significantly advanced the development of modern multi-agent systems. However, expanded action spaces, including uncontrolled privilege exposure and hidden inter-system interactions, pose…

Computation and Language · Computer Science 2026-04-07 Wenhui Zhu , Xuanzhao Dong , Xiwen Chen , Rui Cai , Peijie Qiu , Zhipeng Wang , Oana Frunza , Shao Tang , Jindong Gu , Yalin Wang

When machine learning training is outsourced to third parties, $backdoor$ $attacks$ become practical as the third party who trains the model may act maliciously to inject hidden behaviors into the otherwise accurate model. Until now, the…

Cryptography and Security · Computer Science 2022-11-16 Sanghyun Hong , Nicholas Carlini , Alexey Kurakin

LLM-based coding agents are rapidly being deployed in software development, yet their safety implications remain poorly understood. These agents, while capable of accelerating software development, may exhibit unsafe behaviors during normal…

Artificial Intelligence · Computer Science 2025-08-26 Matous Kozak , Roshanak Zilouchian Moghaddam , Siva Sivaraman

Web-use agents are rapidly being deployed to automate complex web tasks with extensive browser capabilities. However, these capabilities create a critical and previously unexplored attack surface. This paper demonstrates how attackers can…

Cryptography and Security · Computer Science 2025-10-22 Avishag Shapira , Parth Atulbhai Gandhi , Edan Habler , Asaf Shabtai

Autonomous coding agents are increasingly integrated into software development workflows, offering capabilities that extend beyond code suggestion to active system interaction and environment management. OpenClaw, a representative platform…

Cryptography and Security · Computer Science 2026-03-23 Fazhong Liu , Zhuoyan Chen , Tu Lan , Haozhen Tan , Zhenyu Xu , Xiang Li , Guoxing Chen , Yan Meng , Haojin Zhu

LLM-powered applications routinely embed secrets in system prompts, yet models can be tricked into revealing them. We built an adaptive attacker that evolves its strategies over hundreds of rounds and tested it against nine defense…

Cryptography and Security · Computer Science 2026-05-14 Priyal Deep , Shane Emmons , Amy Fox , Kyle Bacon , Kelley McAllister , Peter Ortiz , Krisztian Flautner

LLM-based programming assistants offer the promise of programming faster but with the risk of introducing more security vulnerabilities. Prior work has studied how LLMs could be maliciously fine-tuned to suggest vulnerabilities more often.…

Cryptography and Security · Computer Science 2024-07-17 John Heibel , Daniel Lowd

With the fast development of large language models (LLMs), LLM-driven Web Agents (Web Agents for short) have obtained tons of attention due to their superior capability where LLMs serve as the core part of making decisions like the human…

Cryptography and Security · Computer Science 2024-02-28 Fangzhou Wu , Shutong Wu , Yulong Cao , Chaowei Xiao

Previous benchmarks on prompt injection in large language models (LLMs) have primarily focused on generic tasks and attacks, offering limited insights into more complex threats like data exfiltration. This paper examines how prompt…

Cryptography and Security · Computer Science 2025-06-03 Meysam Alizadeh , Zeynab Samei , Daria Stetsenko , Fabrizio Gilardi

Coding agents, which are LLM-driven agents specialized in software development, have become increasingly prevalent in modern programming environments. Unlike traditional AI coding assistants, which offer simple code completion and…

Cryptography and Security · Computer Science 2025-09-30 Eunkyu Lee , Donghyeon Kim , Wonyoung Kim , Insu Yun

LLM-based agent systems increasingly rely on agent skills sourced from open registries to extend their capabilities, yet the openness of such ecosystems makes skills difficult to thoroughly vet. Existing attacks rely on injecting malicious…

Cryptography and Security · Computer Science 2026-04-08 Zenghao Duan , Yuxin Tian , Zhiyi Yin , Liang Pang , Jingcheng Deng , Zihao Wei , Shicheng Xu , Yuyao Ge , Xueqi Cheng

Large language models (LLMs) are increasingly used as analyst assistants in security operations centers (SOCs), where they ingest log and alert data to produce triage labels, incident summaries, or remediation advice. We study a structural…

Cryptography and Security · Computer Science 2026-05-26 Rohan Pandey , Archit Bhujang

Programmatic skills in LLM ecosystems consist of a natural-language description and executable implementation files. Users and LLMs rely on the description to understand the skill's scope. However, the implementation may perform…

Cryptography and Security · Computer Science 2026-05-14 Wenhui He , Yue Li , Bang Fu , Huan Xing , Xing Fan , ZeHua Zhang , Baoning Niu