English
Related papers

Related papers: ChainCaps: Composition-Safe Tool-Using Agents via …

200 papers

Large language models increasingly operate as autonomous agents that select and invoke tools from large registries. We identify a critical gap: when unauthorized tools are visible in an agent's context, models select them in adversarial…

Cryptography and Security · Computer Science 2026-05-19 Rohith Uppala

Current LLM agents are proficient at calling isolated APIs but struggle with the "last mile" of commercial software automation. In real-world scenarios, tools are not independent; they are atomic, interdependent, and prone to environmental…

Artificial Intelligence · Computer Science 2026-05-21 Yuanyang Li , Xue Yang , Longyue Wang , Weihua Luo , Hongyang Chen

Modern code intelligence agents operate in contexts exceeding 1 million tokens--far beyond the scale where humans manually locate relevant files. Yet agents consistently fail to discover architecturally critical files when solving…

Artificial Intelligence · Computer Science 2026-02-24 Tarakanath Paipuru

AI agents that interact with the real world through tool calls pose fundamental safety challenges: agents might leak private information, cause unintended side effects, or be manipulated through prompt injection. To address these…

Artificial Intelligence · Computer Science 2026-05-29 Martin Odersky , Yaoyu Zhao , Yichen Xu , Oliver Bračevac , Cao Nguyen Pham

The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve…

Cryptography and Security · Computer Science 2023-07-21 Ethan Cecchetti , Siqiu Yao , Haobin Ni , Andrew C. Myers

Tool-using LLM agents increasingly coordinate real workloads by selecting and chaining third-party tools based on text-visible metadata such as tool names, descriptions, and return messages. We show that this convenience creates a…

Computation and Language · Computer Science 2026-02-17 Yohan Lee , Jisoo Jang , Seoyeon Choi , Sangyeop Kim , Seungtaek Choi

The Model Context Protocol (MCP) replaces static, developer-controlled API integrations with more dynamic, user-driven agent systems, which also introduces new security risks. As MCP adoption grows across community servers and major…

Cryptography and Security · Computer Science 2025-11-27 Herman Errico , Jiquan Ngiam , Shanita Sojan

An established trend in software engineering insists on using components (sometimes also called services or packages) to encapsulate a set of related functionalities or data. By defining interfaces specifying what functionalities they…

Software Engineering · Computer Science 2015-07-29 Daniel Ricardo dos Santos , Silvio Ranise , Serena Elisa Ponta

The Model Context Protocol (MCP) enables large language models to invoke external tools through natural-language descriptions, forming the foundation of many AI agent applications. However, MCP does not enforce consistency between…

Cryptography and Security · Computer Science 2026-02-04 Zhihao Li , Boyang Ma , Xuelong Dai , Minghui Xu , Yue Zhang , Biwei Yan , Kun Li

AI agent protocols -- including MCP, A2A, ANP, and ACP -- enable autonomous agents to discover capabilities, delegate tasks, and compose services across trust boundaries. Despite massive deployment (MCP alone has 97M+ monthly SDK…

Cryptography and Security · Computer Science 2026-03-26 Shenghan Zheng , Qifan Zhang

Multi-agent systems achieve state-of-the-art outcomes through peer collaboration. However, when an agent in the pipeline silently drops a constraint, the system's final output may look correct even though the reasoning chain was quietly…

A multi-agent pipeline with N agents typically issues N LLM calls per run. Merging agents into fewer calls (compound execution) promises token savings, but naively merged calls silently degrade quality through tool loss and prompt…

Computation and Language · Computer Science 2026-05-04 Aninda Ray

The Model Context Protocol (MCP) standardizes how AI agents discover and invoke external tools, with over 10,000 active servers and 97 million monthly SDK downloads as of early 2026. Yet MCP does not yet standardize how agents safely…

Software Engineering · Computer Science 2026-04-16 Vasundra Srinivasan

Cybersecurity is a relentless arms race, with AI driven offensive systems evolving faster than traditional defenses can adapt. Research and tooling remain fragmented across isolated defensive functions, creating blind spots that adversaries…

Computation and Language · Computer Science 2025-10-03 Mudita Khurana , Raunak Jain

Model Context Protocols (MCPs) provide a unified platform for agent systems to discover, select, and orchestrate tools across heterogeneous execution environments. As MCP-based systems scale to incorporate larger tool catalogs and multiple…

Cryptography and Security · Computer Science 2026-02-19 Yuval Felendler , Parth A. Gandhi , Idan Habler , Yuval Elovici , Asaf Shabtai

The temporal assumptions underpinning conventional Identity and Access Management collapse under agentic execution regimes. A sixty-second revocation window permits on the order of $6 \times 10^3$ unauthorized API calls at 100 ops/tick; at…

Multiagent Systems · Computer Science 2026-03-11 Vladyslav Parakhin

The agent--tool interaction loop is a critical attack surface for modern Large Language Model (LLM) agents. Existing denial-of-service (DoS) attacks typically function at the user-prompt or retrieval-augmented generation (RAG) context layer…

Cryptography and Security · Computer Science 2026-03-12 Kaiyu Zhou , Yongsen Zheng , Yicheng He , Meng Xue , Xueluan Gong , Yuji Wang , Xuanye Zhang , Kwok-Yan Lam

Large language models deployed as agents increasingly interact with external systems through tool calls--actions with real-world consequences that text outputs alone do not carry. Safety evaluations, however, overwhelmingly measure…

Artificial Intelligence · Computer Science 2026-02-20 Arnold Cartagena , Ariane Teixeira

Multi-server MCP agents create an information-flow control problem: faithful tool composition can turn individually benign read/write permissions into cross-boundary credential propagation -- a structural side effect of workflow topology,…

Artificial Intelligence · Computer Science 2026-05-01 Haonan Li , Tianjun Sun , Yongqing Wang , Qisheng Zhang

The Model Context Protocol (MCP) has emerged as a widely adopted mechanism for connecting large language models to external tools and resources. While MCP promises seamless extensibility and rich integrations, it also introduces a…

Cryptography and Security · Computer Science 2025-07-10 Zhihao Li , Kun Li , Boyang Ma , Minghui Xu , Yue Zhang , Xiuzhen Cheng
‹ Prev 1 2 3 10 Next ›