中文
相关论文

相关论文: Exploiting LLM Agent Supply Chains via Payload-les…

200 篇论文

Large language model (LLM) agents increasingly rely on skills to package reusable capabilities through instructions, tools, and resources. High-quality skills embed expert knowledge, curated workflows, and execution constraints into agents,…

密码学与安全 · 计算机科学 2026-04-28 Zihan Wang , Rui Zhang , Yu Liu , Chi Liu , Qingchuan Zhao , Hongwei Li , Guowen Xu

LLM-based coding agents extend their capabilities via third-party agent skills distributed through open marketplaces without mandatory security review. Unlike traditional packages, these skills are executed as operational directives with…

密码学与安全 · 计算机科学 2026-04-06 Yubin Qu , Yi Liu , Tongcheng Geng , Gelei Deng , Yuekang Li , Leo Yu Zhang , Ying Zhang , Lei Ma

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in…

密码学与安全 · 计算机科学 2025-12-30 Toqeer Ali Syed , Mohammad Riyaz Belgaum , Salman Jan , Asadullah Abdullah Khan , Saad Said Alqahtani

Autonomous AI agents increasingly extend their capabilities through Agent Skills: modular filesystem packages whose SKILL.md files describe when and how agents should use them. While this design enables scalable, on-demand capability…

人工智能 · 计算机科学 2026-05-13 Shoumik Saha , Kazem Faghih , Soheil Feizi

Agentic systems based on large language models (LLMs) operate not merely as text generators but as autonomous entities that dynamically retrieve information and invoke tools. This execution model shifts the attack surface from traditional…

密码学与安全 · 计算机科学 2026-04-21 Xiaochong Jiang , Shiqi Yang , Wenting Yang , Yichen Liu , Cheng Ji

Recently, applications powered by Large Language Models (LLMs) have made significant strides in tackling complex tasks. By harnessing the advanced reasoning capabilities and extensive knowledge embedded in LLMs, these applications can…

密码学与安全 · 计算机科学 2025-06-13 Yuyang Zhang , Kangjie Chen , Jiaxin Gao , Ronghao Cui , Run Wang , Lina Wang , Tianwei Zhang

Autonomous Large Language Model (LLM) agents, exemplified by OpenClaw, demonstrate remarkable capabilities in executing complex, long-horizon tasks. However, their tightly coupled instant-messaging interaction paradigm and high-privilege…

Large Language Model (LLM) Agents are an emerging computing paradigm that blends generative machine learning with tools such as code interpreters, web browsing, email, and more generally, external resources. These agent-based systems…

密码学与安全 · 计算机科学 2024-10-23 Xiaohan Fu , Shuheng Li , Zihan Wang , Yihao Liu , Rajesh K. Gupta , Taylor Berg-Kirkpatrick , Earlence Fernandes

While new technologies emerge, human errors always looming. Software supply chain is increasingly complex and intertwined, the security of a service has become paramount to ensuring the integrity of products, safeguarding data privacy, and…

Autonomous agent frameworks built upon large language models (LLMs) are evolving into complex, tool-integrated, and continuously operating systems, introducing security risks beyond traditional prompt-level vulnerabilities. As this paradigm…

密码学与安全 · 计算机科学 2026-05-01 Luyao Xu , Xiang Chen

Agent hijacking, highlighted by OWASP as a critical threat to the Large Language Model (LLM) ecosystem, enables adversaries to manipulate execution by injecting malicious instructions into retrieved content. Most existing attacks rely on…

人工智能 · 计算机科学 2026-02-20 Xinhao Deng , Jiaqing Wu , Miao Chen , Yue Xiao , Ke Xu , Qi Li

The rapid adoption of Large Language Model (LLM) agents and multi-agent systems enables remarkable capabilities in natural language processing and generation. However, these systems introduce security vulnerabilities that extend beyond…

密码学与安全 · 计算机科学 2026-05-12 Matteo Lupinacci , Francesco Aurelio Pironti , Francesco Blefari , Francesco Romeo , Luigi Arena , Angelo Furfaro

This paper explores how Large Language Models (LLMs) can automate consensus-seeking in supply chain management (SCM), where frequent decisions on problems such as inventory levels and delivery times require coordination among companies.…

人工智能 · 计算机科学 2024-11-18 Valeria Jannelli , Stefan Schoepf , Matthias Bickel , Torbjørn Netland , Alexandra Brintrup

Large language models (LLMs) and LLM-based agents have been widely deployed in a wide range of applications in the real world, including healthcare diagnostics, financial analysis, customer support, robotics, and autonomous driving,…

密码学与安全 · 计算机科学 2025-05-20 Wenrui Xu , Keshab K. Parhi

Modern software package registries like PyPI have become critical infrastructure for software development, but are increasingly exploited by threat actors distributing malicious packages with sophisticated multi-stage attack chains. While…

密码学与安全 · 计算机科学 2026-01-13 Takaaki Toda , Tatsuya Mori

Large Language Models (LLMs) remain vulnerable to jailbreak attacks that bypass their safety mechanisms. Existing attack methods are fixed or specifically tailored for certain models and cannot flexibly adjust attack strength, which is…

密码学与安全 · 计算机科学 2024-10-08 Yiting Dong , Guobin Shen , Dongcheng Zhao , Xiang He , Yi Zeng

Large language model (LLM) agents have demonstrated remarkable capabilities in complex reasoning and decision-making by leveraging external tools. However, this tool-centric paradigm introduces a previously underexplored attack surface,…

人工智能 · 计算机科学 2026-01-08 Kanghua Mo , Li Hu , Yucheng Long , Zhihao Li

As autonomous agents (e.g., OpenClaw) increasingly operate with deep system-level privileges to execute complex tasks, they introduce severe, unmitigated security risks. Current vulnerability analyses overwhelmingly focus on single-turn,…

密码学与安全 · 计算机科学 2026-05-22 Jianan Ma , Xiaohu Du , Ruixiao Lin , Yaoxiang Bian , Jialuo Chen , Jingyi Wang , Xiaofang Yang , Shiwen Cui , Changhua Meng , Xinhao Deng , Zhen Wang

Autonomous browsing agents powered by large language models (LLMs) are increasingly used to automate web-based tasks. However, their reliance on dynamic content, tool execution, and user-provided data exposes them to a broad attack surface.…

密码学与安全 · 计算机科学 2025-05-20 Mykyta Mudryi , Markiyan Chaklosh , Grzegorz Wójcik

LLM-powered coding agents increasingly make software supply chain decisions. They generate imports, recommend packages, and write installation commands. Prior work showed that these systems can hallucinate non-existent package names, which…

密码学与安全 · 计算机科学 2026-05-12 Yiyong Liu , Chia-Yi Hsu , Chun-Ying Huang , Michael Backes , Rui Wen , Chia-Mu Yu
‹ 上一页 1 2 3 10 下一页 ›