English
Related papers

Related papers: SkillTrojan: Backdoor Attacks on Skill-Based Agent…

200 papers

Agent ecosystems increasingly rely on installable skills to extend functionality, and some skills bundle learned model artifacts as part of their execution logic. This creates a supply-chain risk that is not captured by prompt injection or…

Cryptography and Security · Computer Science 2026-04-13 Guiyao Tie , Jiawen Shi , Pan Zhou , Lichao Sun

Backdoor attacks represent a subtle yet effective class of cyberattacks targeting AI models, primarily due to their stealthy nature. The model behaves normally on clean data but exhibits malicious behavior only when the attacker embeds a…

Machine Learning · Computer Science 2025-09-29 Sujeevan Aseervatham , Achraf Kerzazi , Younès Bennani

As the curation of data for machine learning becomes increasingly automated, dataset tampering is a mounting threat. Backdoor attackers tamper with training data to embed a vulnerability in models that are trained on that data. This…

Machine Learning · Computer Science 2022-10-14 Hossein Souri , Liam Fowl , Rama Chellappa , Micah Goldblum , Tom Goldstein

LLM agents are evolving rapidly, powered by code execution, tools, and the recently introduced agent skills feature. Skills allow users to extend LLM applications with specialized third-party code, knowledge, and instructions. Although this…

Cryptography and Security · Computer Science 2026-02-26 David Schmotz , Luca Beurer-Kellner , Sahar Abdelnabi , Maksym Andriushchenko

Autonomous AI agents increasingly extend their capabilities through Agent Skills: modular filesystem packages whose SKILL.md files describe when and how agents should use them. While this design enables scalable, on-demand capability…

Artificial Intelligence · Computer Science 2026-05-13 Shoumik Saha , Kazem Faghih , Soheil Feizi

LLM-based agent systems increasingly rely on agent skills sourced from open registries to extend their capabilities, yet the openness of such ecosystems makes skills difficult to thoroughly vet. Existing attacks rely on injecting malicious…

Cryptography and Security · Computer Science 2026-04-08 Zenghao Duan , Yuxin Tian , Zhiyi Yin , Liang Pang , Jingcheng Deng , Zihao Wei , Shicheng Xu , Yuyao Ge , Xueqi Cheng

Agent Skills package SKILL.md files, scripts, reference documents, and repository context into reusable capability units, turning pre-load auditing from single-prompt filtering into cross-file security review. Existing guardrails often flag…

Cryptography and Security · Computer Science 2026-04-29 Lijia Lv , Xuehai Tang , Jie Wen , Jizhong Han , Songlin Hu

Agent skills are increasingly used to extend LLM agents with task-specific instructions, executable scripts, and auxiliary resources. While improving reusability, this modular design also introduces a new supply-chain attack surface: a…

Cryptography and Security · Computer Science 2026-05-19 Xiaojun Jia , Jie Liao , Simeng Qin , Jindong Gu , Wenqi Ren , Xiaochun Cao , Yang Liu , Philip Torr

We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security…

Cryptography and Security · Computer Science 2026-05-28 Luca Beurer-Kellner , Aleksei Kudrinskii , Marco Milanta , Kristian Bonde Nielsen , Hemang Sarkar , Liran Tal

Backdoor attacks pose a serious threat to the secure deployment of large language models (LLMs), enabling adversaries to implant hidden behaviors triggered by specific inputs. However, existing methods often rely on manually crafted…

Cryptography and Security · Computer Science 2025-11-24 Yige Li , Zhe Li , Wei Zhao , Nay Myat Min , Hanxun Huang , Xingjun Ma , Jun Sun

Backdoor attacks on deep neural networks have emerged as significant security threats, especially as DNNs are increasingly deployed in security-critical applications. However, most existing works assume that the attacker has access to the…

Cryptography and Security · Computer Science 2024-08-22 Jiahao Wang , Xianglong Zhang , Xiuzhen Cheng , Pengfei Hu , Guoming Zhang

Trojan (backdoor) attack is a form of adversarial attack on deep neural networks where the attacker provides victims with a model trained/retrained on malicious data. The backdoor can be activated when a normal input is stamped with a…

Machine Learning · Computer Science 2021-01-05 Siyuan Cheng , Yingqi Liu , Shiqing Ma , Xiangyu Zhang

The rise of AI agent frameworks has introduced agent skills, modular packages containing instructions and executable code that dynamically extend agent capabilities. While this architecture enables powerful customization, skills execute…

Cryptography and Security · Computer Science 2026-01-16 Yi Liu , Weizhe Wang , Ruitao Feng , Yao Zhang , Guangquan Xu , Gelei Deng , Yuekang Li , Leo Zhang

Reusable skills let LLM agents package task-specific procedures, tool affordances, and execution guidance into modular building blocks. As skill ecosystems grow to tens of thousands of entries, exposing every skill at inference time becomes…

Machine Learning · Computer Science 2026-04-02 YanZhao Zheng , ZhenTao Zhang , Chao Ma , YuanQiang Yu , JiHuai Zhu , Yong Wu , Tianze Xu , Baohua Dong , Hangcheng Zhu , Ruohui Huang , Gang Yu

Recent work has demonstrated robust mechanisms by which attacks can be orchestrated on machine learning models. In contrast to adversarial examples, backdoor or trojan attacks embed surgically modified samples with targeted labels in the…

Cryptography and Security · Computer Science 2019-03-19 Zhaoyuan Yang , Naresh Iyer , Johan Reimann , Nurali Virani

Backdoors and adversarial examples are the two primary threats currently faced by deep neural networks (DNNs). Both attacks attempt to hijack the model behaviors with unintended outputs by introducing (small) perturbations to the inputs.…

Cryptography and Security · Computer Science 2024-01-22 Yunjie Ge , Qian Wang , Huayang Huang , Qi Li , Cong Wang , Chao Shen , Lingchen Zhao , Peipei Jiang , Zheng Fang , Shenyi Zhang

Backdoor (trojan) attacks embed hidden, controllable behaviors into machine-learning models so that models behave normally on benign inputs but produce attacker-chosen outputs when a trigger is present. This survey reviews the rapidly…

Cryptography and Security · Computer Science 2025-09-10 Bilal Hussain Abbasi , Yanjun Zhang , Leo Zhang , Shang Gao

While real-world applications of reinforcement learning are becoming popular, the security and robustness of RL systems are worthy of more attention and exploration. In particular, recent works have revealed that, in a multi-agent RL…

Machine Learning · Computer Science 2023-09-15 Junfeng Guo , Ang Li , Cong Liu

Recently, it has been shown that deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch.…

Computer Vision and Pattern Recognition · Computer Science 2020-06-11 Haripriya Harikumar , Vuong Le , Santu Rana , Sourangshu Bhattacharya , Sunil Gupta , Svetha Venkatesh

Backdoor attacks embed malicious behaviors into Large Language Models (LLMs), enabling adversaries to trigger harmful outputs or bypass safety controls. However, the persistence of the implanted backdoors under user-driven post-deployment…

Cryptography and Security · Computer Science 2025-12-18 Jing Cui , Yufei Han , Jianbin Jiao , Junge Zhang
‹ Prev 1 2 3 10 Next ›