English
Related papers

Related papers: AgentTrust: Runtime Safety Evaluation and Intercep…

200 papers

Large language models are increasingly deployed as *deep agents* that plan, maintain persistent state, and invoke external tools, shifting safety failures from unsafe text to unsafe *trajectories*. We introduce **AgentFence**, an…

Cryptography and Security · Computer Science 2026-02-10 Sai Puppala , Ismail Hossain , Md Jahangir Alam , Yoonpyo Lee , Jay Yoo , Tanzim Ahad , Syed Bahauddin Alam , Sajedul Talukder

Tool-augmented Large Language Model (LLM) agents have demonstrated impressive capabilities in automating complex, multi-step real-world tasks, yet remain vulnerable to indirect prompt injection. Adversaries exploit this weakness by…

Cryptography and Security · Computer Science 2026-05-12 Wei Zhao , Zhe Li , Peixin Zhang , Jun Sun

AI agents aim to solve complex tasks by combining text-based reasoning with external tool calls. Unfortunately, AI agents are vulnerable to prompt injection attacks where data returned by external tools hijacks the agent to execute…

Cryptography and Security · Computer Science 2024-11-26 Edoardo Debenedetti , Jie Zhang , Mislav Balunović , Luca Beurer-Kellner , Marc Fischer , Florian Tramèr

Agents built on LLMs are increasingly deployed across diverse domains, automating complex decision-making and task execution. However, their autonomy introduces safety risks, including security vulnerabilities, legal violations, and…

Artificial Intelligence · Computer Science 2025-08-01 Haoyu Wang , Christopher M. Poskitt , Jun Sun

Static benchmarks measure what AI agents can do at a fixed point in time but not how they are adopted, maintained, or experienced in deployment. We introduce AgentPulse, a continuous evaluation framework scoring 50 agents across 10 workload…

Artificial Intelligence · Computer Science 2026-04-28 Yuxuan Gao , Megan Wang , Yi Ling Yu

Agentic AI systems -- Large Language Models (LLMs) augmented with planning, tool use, memory, and long-horizon interactions -- can execute complex tasks autonomously, but their multi-step trajectories introduce new failure modes that…

Artificial Intelligence · Computer Science 2026-05-26 Jinhu Qi , Muzhi Li , Jiahong Liu , Yuqin Shu , Dianzhi Yu , Shicheng Ma , Wenqian Cui , Yiyang Zhao , Yiyi Chen , Ruoxi Jiang , Irwin King , Zenglin Xu

The rise of Large Language Model (LLM) agents, augmented with tool use, skills, and external knowledge, has introduced new security risks. Among them, prompt injection attacks, where adversaries embed malicious instructions into the agent…

Cryptography and Security · Computer Science 2026-05-06 Shihao Weng , Yang Feng , Jinrui Zhang , Xiaofei Xie , Jiongchi Yu , Jia Liu

The rise of AI agents introduces complex safety and security challenges arising from autonomous tool use and environmental interactions. Current guardrail models lack agentic risk awareness and transparency in risk diagnosis. To introduce…

LLM agents process trusted instructions, retrieved records, and tool observations through a common generative channel. This conflates data flow with authority: an untrusted string can affect a secret-bearing response or an action proposal…

Cryptography and Security · Computer Science 2026-05-27 Faruk Alpay , Taylan Alpay

CTI-REALM (Cyber Threat Real World Evaluation and LLM Benchmarking) is a benchmark designed to evaluate AI agents' ability to interpret cyber threat intelligence (CTI) and develop detection rules. The benchmark provides a realistic…

Cryptography and Security · Computer Science 2026-03-18 Arjun Chakraborty , Sandra Ho , Adam Cook , Manuel Meléndez

Retrieval-augmented generation (RAG) systems have become widely used for enhancing large language model capabilities, but they introduce significant security vulnerabilities through prompt injection attacks. We present a comprehensive…

Cryptography and Security · Computer Science 2025-11-21 Badrinath Ramakrishnan , Akshaya Balaji

LLM-based agents are becoming increasingly capable, yet their safety lags behind. This creates a gap between what agents can do and should do. This gap widens as agents engage in multi-turn interactions and employ diverse tools, introducing…

Cryptography and Security · Computer Science 2026-02-17 Xu Li , Simon Yu , Minzhou Pan , Yiyou Sun , Bo Li , Dawn Song , Xue Lin , Weiyan Shi

Agent benchmarks have become the de facto measure of frontier AI competence, guiding model selection, investment, and deployment. However, reward hacking, where agents maximize a score without performing the intended task, emerges…

Artificial Intelligence · Computer Science 2026-05-14 Hao Wang , Hanchen Li , Qiuyang Mang , Alvin Cheung , Koushik Sen , Dawn Song

AI is increasingly being used to assist fraud and cybercrime. However, it is unclear the extent to which current large language models can provide useful information for complex criminal activity. Working with law enforcement and policy…

Recent autonomous AI agents such as Codex, and Claude Code have made it increasingly practical for users to delegate complex tasks, including writing emails, executing code, issuing shell commands, and carrying out multi-step plans.…

Human-Computer Interaction · Computer Science 2026-04-21 Haomin Zhuang , Hanwen Xing , Xiangliang Zhang

AI agents, specifically powered by large language models, have demonstrated exceptional capabilities in various applications where precision and efficacy are necessary. However, these agents come with inherent risks, including the potential…

Cryptography and Security · Computer Science 2025-03-04 Ishaan Domkundwar , Mukunda N S , Ishaan Bhola , Riddhik Kochhar

AI pentesting agents are increasingly credible as offensive security systems, but current benchmarks still provide limited guidance on which will perform best in real-world targets. Existing evaluation protocols assess and optimize for…

Artificial Intelligence · Computer Science 2026-05-12 Pedro Conde , Henrique Branquinho , Valerio Mazzone , Bruno Mendes , André Baptista , Nuno Moniz

The rise of AI agent frameworks has introduced agent skills, modular packages containing instructions and executable code that dynamically extend agent capabilities. While this architecture enables powerful customization, skills execute…

Cryptography and Security · Computer Science 2026-01-16 Yi Liu , Weizhe Wang , Ruitao Feng , Yao Zhang , Guangquan Xu , Gelei Deng , Yuekang Li , Leo Zhang

When an LLM agent reads a confidential file, then writes a summary, then emails it externally, no single step is unsafe, but the sequence is a data leak. We call this safety drift: individually safe actions compounding into violations.…

Cryptography and Security · Computer Science 2026-03-31 Aditya Dhodapkar , Farhaan Pishori

Defenses against indirect prompt injection (IPI) in tool-using LLM agents share two structural weaknesses. First, they all attempt to prevent attacks rather than detect the compromises that slip through. Second, they have only been…

Cryptography and Security · Computer Science 2026-05-13 Yassin H. Rassul , Tarik A. Rashid