InjecAgent: Benchmarking Indirect Prompt Injections in Tool-Integrated Large Language Model Agents

5 March 2024
Qiusi Zhan
Zhixiang Liang
Zifan Ying
Daniel Kang
Tags: LLMAG
Links: ArXiv (abs), PDF, HTML, GitHub (63★)

Papers citing "InjecAgent: Benchmarking Indirect Prompt Injections in Tool-Integrated Large Language Model Agents"

50 / 135 papers shown
LeechHijack: Covert Computational Resource Exploitation in Intelligent Agent Systems
Authors: Yuanhe Zhang, Weiliu Wang, Zhenhong Zhou, Kun Wang, Jie Zhang, Li Sun, Yang Liu, Sen Su
116 · 1 · 0 · 02 Dec 2025

Bias Injection Attacks on RAG Databases and Sanitization Defenses
Authors: Hao Wu, Prateek Saxena
Tags: AAML, SILM
308 · 0 · 0 · 30 Nov 2025

BrowseSafe: Understanding and Preventing Prompt Injection Within AI Browser Agents
Authors: Kaiyuan Zhang, Mark Tenenholtz, Kyle Polley, Jerry Ma, Denis Yarats, Ninghui Li
Tags: SILM
598 · 0 · 0 · 25 Nov 2025

Z-Space: A Multi-Agent Tool Orchestration Framework for Enterprise-Grade LLM Automation
Authors: Qingsong He, Jing Nan, Jiayu Jiao, Liangjie Tang, Xiaodong Xu, Mengmeng Sun, Qingyao Wang, Minghui Yan
Tags: LLMAG
170 · 0 · 0 · 23 Nov 2025

ASTRA: Agentic Steerability and Risk Assessment Framework
Authors: Itay Hazan, Yael Mathov, Guy Shtar, Ron Bitton, Itsik Mantin
76 · 0 · 0 · 22 Nov 2025

MURMUR: Using cross-user chatter to break collaborative language agents in groups
Authors: Atharv Singh Patlan, Peiyao Sheng, S. Ashwin Hebbar, Prateek Mittal, Pramod Viswanath
Tags: AAML
92 · 0 · 0 · 21 Nov 2025

Taxonomy, Evaluation and Exploitation of IPI-Centric LLM Agent Defense Frameworks
Authors: Zimo Ji, Xunguang Wang, Zongjie Li, Pingchuan Ma, Yudong Gao, Daoyuan Wu, Xincheng Yan, Tian Tian, Shuai Wang
Tags: LLMAG, AAML
305 · 0 · 0 · 19 Nov 2025

TAMAS: Benchmarking Adversarial Risks in Multi-Agent LLM Systems
Authors: Ishan Kavathekar, Hemang Jain, Ameya Rathod, Ponnurangam Kumaraguru, Tanuja Ganu
Tags: LLMAG, AAML
320 · 0 · 0 · 07 Nov 2025

ConVerse: Benchmarking Contextual Safety in Agent-to-Agent Conversations
Authors: Amr Gomaa, Ahmed Salem, Sahar Abdelnabi
Tags: LLMAG
104 · 0 · 0 · 07 Nov 2025

DRIP: Defending Prompt Injection via Token-wise Representation Editing and Residual Instruction Fusion
Authors: Ruofan Liu, Yun Lin, Zhiyong Huang, Jin Song Dong
Tags: AAML, SILM
342 · 0 · 0 · 01 Nov 2025

SIRAJ: Diverse and Efficient Red-Teaming for LLM Agents via Distilled Structured Reasoning
Authors: Kaiwen Zhou, Ahmed Elgohary, A S M Iftekhar, Amin Saied
Tags: LLMAG, AAML
98 · 0 · 0 · 30 Oct 2025

Who Grants the Agent Power? Defending Against Instruction Injection via Task-Centric Access Control
Authors: Yifeng Cai, Ziming Wang, Zhaomeng Deng, Mengyu Yao, Junlin Liu, Yutao Hu, Ziqi Zhang, Yao Guo, Ding Li
97 · 0 · 0 · 30 Oct 2025

Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges
Authors: Shrestha Datta, Shahriar Kabir Nahin, Anshuman Chhabra, P. Mohapatra
Tags: LLMAG, LM&Ro
252 · 2 · 0 · 27 Oct 2025

QueryIPI: Query-agnostic Indirect Prompt Injection on Coding Agents
Authors: Yuchong Xie, Zesen Liu, Mingyu Luo, Z. Zhang, Kaikai Zhang, Zongjie Li, Ping Chen, Shuai Wang, Dongdong She
100 · 1 · 0 · 27 Oct 2025

Breaking Agent Backbones: Evaluating the Security of Backbone LLMs in AI Agents
Authors: Julia Bazińska, Max Mathys, Francesco Casucci, Mateo Rojas-Carulla, Xander Davies, Alexandra Souly, Niklas Pfister
Tags: LLMAG, ELM
172 · 0 · 0 · 26 Oct 2025

Soft Instruction De-escalation Defense
Authors: Nils Philipp Walter, Chawin Sitawarin, Jamie Hayes, David Stutz, Ilia Shumailov
Tags: AAML
128 · 0 · 0 · 24 Oct 2025

GhostEI-Bench: Do Mobile Agents Resilience to Environmental Injection in Dynamic On-Device Environments?
Authors: Chiyu Chen, Xinhao Song, Yunkai Chai, Yang Yao, Haodong Zhao, Lijun Li, Jie Li, Yan Teng, Gongshen Liu, Y. Wang
Tags: AAML, LLMAG
192 · 0 · 0 · 23 Oct 2025

Defending Against Prompt Injection with DataFilter
Authors: Yizhu Wang, Sizhe Chen, Raghad Alkhudair, Basel Alomair, David Wagner
Tags: AAML
217 · 2 · 0 · 22 Oct 2025

Genesis: Evolving Attack Strategies for LLM Web Agent Red-Teaming
Authors: Zheng Zhang, Jiarui He, Yuchen Cai, Deheng Ye, P. Zhao, R. Feng, Hao Wang
Tags: LLMAG, AAML
94 · 0 · 0 · 21 Oct 2025

Breaking and Fixing Defenses Against Control-Flow Hijacking in Multi-Agent Systems
Authors: Rishi Jha, Harold Triedman, Justin Wagle, Vitaly Shmatikov
Tags: AAML
129 · 1 · 0 · 20 Oct 2025

Investigating the Impact of Dark Patterns on LLM-Based Web Agents
Authors: Devin Ersoy, Brandon Lee, Ananth Shreekumar, Arjun Arunasalam, Muhammad Ibrahim, Antonio Bianchi, Z. Berkay Celik
Tags: LLMAG
123 · 0 · 0 · 20 Oct 2025

Empowering Real-World: A Survey on the Technology, Practice, and Evaluation of LLM-driven Industry Agents
Authors: Yihong Tang, Kehai Chen, Liang Yue, Jinxin Fan, Caishen Zhou, ..., Kaiyang Guo, Xingshan Zeng, Wenjing Cun, L. Shang, Min Zhang
Tags: LLMAG
142 · 0 · 0 · 20 Oct 2025

Prompt injections as a tool for preserving identity in GAI image descriptions
Authors: Kate Glazko, Jennifer Mankoff
80 · 0 · 0 · 17 Oct 2025

SoK: Taxonomy and Evaluation of Prompt Security in Large Language Models
Authors: Hanbin Hong, Shuya Feng, Nima Naderloui, Shenao Yan, Jingyu Zhang, Biying Liu, Ali Arastehfard, Heqing Huang, Yuan Hong
Tags: AAML
225 · 0 · 0 · 17 Oct 2025

Metacognitive Self-Correction for Multi-Agent System via Prototype-Guided Next-Execution Reconstruction
Authors: Xu Shen, Qi Zhang, Song Wang, Zhen Tan, Xinyu Zhao, ..., Vaishnav Tadiparthi, Hossein Nourkhiz Mahjoub, Ehsan Moradi-Pari, Kwonjoon Lee, Tianlong Chen
157 · 0 · 0 · 16 Oct 2025

Breaking Guardrails, Facing Walls: Insights on Adversarial AI for Defenders & Researchers
Authors: Giacomo Bertollo, Naz Bodemir, Jonah Burgess
54 · 0 · 0 · 14 Oct 2025

MCP Security Bench (MSB): Benchmarking Attacks Against Model Context Protocol in LLM Agents
Authors: Dongsen Zhang, Zekun Li, Xu Luo, Xuannan Liu, Peipei Li, Wenjun Xu
Tags: ELM
162 · 1 · 0 · 14 Oct 2025

CommandSans: Securing AI Agents with Surgical Precision Prompt Sanitization
Authors: Debeshee Das, Luca Beurer-Kellner, Marc Fischer, Maximilian Baader
Tags: AAML
153 · 0 · 0 · 09 Oct 2025

A Survey on Agentic Security: Applications, Threats and Defenses
Authors: Asif Shahriar, M. Rahman, Sadif Ahmed, Farig Sadeque, Md Rizwan Parvez
141 · 2 · 0 · 07 Oct 2025

RL Is a Hammer and LLMs Are Nails: A Simple Reinforcement Learning Recipe for Strong Prompt Injection
Authors: Yuxin Wen, Arman Zharmagambetov, Ivan Evtimov, Narine Kokhlikyan, Tom Goldstein, Kamalika Chaudhuri, Chuan Guo
Tags: OffRL, SILM
167 · 5 · 0 · 06 Oct 2025

ECLipsE-Gen-Local: Efficient Compositional Local Lipschitz Estimates for Deep Neural Networks
Authors: Yuezhu Xu, S. Sivaranjani
80 · 0 · 0 · 06 Oct 2025

AgentTypo: Adaptive Typographic Prompt Injection Attacks against Black-box Multimodal Agents
Authors: Yanjie Li, Yiming Cao, Dong Wang, Bin Xiao
Tags: LLMAG, AAML
124 · 1 · 0 · 05 Oct 2025

Backdoor-Powered Prompt Injection Attacks Nullify Defense Methods
Authors: Yulin Chen, Haoran Li, Yuan Sui, Yangqiu Song, Bryan Hooi
Tags: SILM, AAML
199 · 0 · 0 · 04 Oct 2025

Breaking the Code: Security Assessment of AI Code Agents Through Systematic Jailbreaking Attacks
Authors: Shoumik Saha, Jifan Chen, Sam Mayers, Sanjay Krishna Gouda, Zijian Wang, Varun Kumar
Tags: AAML, ELM
168 · 2 · 0 · 01 Oct 2025

STAC: When Innocent Tools Form Dangerous Chains to Jailbreak LLM Agents
Authors: J. Li, Jianfeng He, Chao Shang, Devang Kulshreshtha, Xun Xian, Yi Zhang, Hang Su, Sandesh Swamy, Yanjun Qi
108 · 0 · 0 · 30 Sep 2025

SecInfer: Preventing Prompt Injection via Inference-time Scaling
Authors: Yupei Liu, Yanting Wang, Yuqi Jia, Jinyuan Jia, Neil Zhenqiang Gong
Tags: LRM, SILM, AAML
421 · 3 · 0 · 29 Sep 2025

Takedown: How It's Done in Modern Coding Agent Exploits
Authors: Eunkyu Lee, Donghyeon Kim, Wonyoung Kim, Insu Yun
Tags: LLMAG, ELM
169 · 1 · 0 · 29 Sep 2025

SafeSearch: Automated Red-Teaming for the Safety of LLM-Based Search Agents
Authors: Jianshuo Dong, Sheng Guo, Hao Wang, Zhuotao Liu, Tianwei Zhang, Tianwei Zhang, Ke Xu, Shiyu Huang, Han Qiu
Tags: LLMAG
313 · 1 · 0 · 28 Sep 2025

ChatInject: Abusing Chat Templates for Prompt Injection in LLM Agents
Authors: Hwan Chang, Yonghyun Jun, Hwanhee Lee
Tags: SILM
130 · 2 · 0 · 26 Sep 2025

AI Kill Switch for malicious web-based LLM agent
Authors: Sechan Lee, Sangdon Park
Tags: LLMAG, AAML
84 · 0 · 0 · 26 Sep 2025

Generalizability of Large Language Model-Based Agents: A Comprehensive Survey
Authors: Minxing Zhang, Yi Yang, Roy Xie, Bhuwan Dhingra, Shuyan Zhou, Jian Pei
Tags: LLMAG, LM&Ro, AI4CE
178 · 1 · 0 · 19 Sep 2025

When Your Reviewer is an LLM: Biases, Divergence, and Prompt Injection Risks in Peer Review
Authors: Changjia Zhu, Junjie Xiong, Renkai Ma, Zhicong Lu, Yao Liu, Lingyao Li
Tags: AAML
123 · 1 · 0 · 12 Sep 2025

SafeToolBench: Pioneering a Prospective Benchmark to Evaluating Tool Utilization Safety in LLMs
Authors: Hongfei Xia, Hongru Wang, Zeming Liu, Qian Yu, Yuhang Guo, Haifeng Wang
Tags: ELM
94 · 1 · 0 · 09 Sep 2025

Transferable Direct Prompt Injection via Activation-Guided MCMC Sampling
Authors: Minghui Li, Hao Zhang, Yechao Zhang, Wei Wan, Shengshan Hu, Pei Xiaobing, Jing Wang
Tags: SILM, AAML
136 · 0 · 0 · 09 Sep 2025

Network-Level Prompt and Trait Leakage in Local Research Agents
Authors: Hyejun Jeong, Mohammadreza Teymoorianfard, A. Kumar, Amir Houmansadr, Eugene Bagdasarian
129 · 0 · 0 · 27 Aug 2025

IPIGuard: A Novel Tool Dependency Graph-Based Defense Against Indirect Prompt Injection in LLM Agents
Authors: Hengyu An, Jinghuai Zhang, Xuhong Zhang, Chunyi Zhou, Qingming Li, Tao Lin, Shouling Ji
Tags: LLMAG
96 · 6 · 0 · 21 Aug 2025

MCPTox: A Benchmark for Tool Poisoning Attack on Real-World MCP Servers
Authors: Zhiqiang Wang, Yichao Gao, Yanting Wang, Suyuan Liu, Haifeng Sun, Haoran Cheng, Guanquan Shi, Haohua Du, Xiangyang Li
224 · 7 · 0 · 19 Aug 2025

LM Agents May Fail to Act on Their Own Risk Knowledge
Authors: Yuzhi Tang, Tianxiao Li, Elizabeth Li, Chris J. Maddison, Honghua Dong, Yangjun Ruan
Tags: LLMAG, ELM
1.6K · 0 · 0 · 19 Aug 2025

BlindGuard: Safeguarding LLM-based Multi-Agent Systems under Unknown Attacks
Authors: Rui Miao, Yixin Liu, Yili Wang, Xu Shen, Yue Tan, Yiwei Dai, Shirui Pan, Xin Wang
Tags: AAML
174 · 7 · 0 · 11 Aug 2025

Provably Secure Retrieval-Augmented Generation
Authors: Pengcheng Zhou, Yinglun Feng, Zhongliang Yang
Tags: SILM
170 · 0 · 0 · 01 Aug 2025