Saved in:
Bibliographic Details
Main Author: Cohen, Avihay
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.13543
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909848187174912
author Cohen, Avihay
author_facet Cohen, Avihay
contents Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions hidden in a webpage deceive the agent into unwanted actions. These attacks can bypass traditional web security boundaries, as the AI agent operates with the user privileges across sites. In this paper, we present a novel fuzzing framework that runs entirely in the browser and is guided by an LLM to automatically discover such prompt injection vulnerabilities in real time.
format Preprint
id arxiv_https___arxiv_org_abs_2510_13543
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle In-Browser LLM-Guided Fuzzing for Real-Time Prompt Injection Testing in Agentic AI Browsers
Cohen, Avihay
Cryptography and Security
Artificial Intelligence
Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions hidden in a webpage deceive the agent into unwanted actions. These attacks can bypass traditional web security boundaries, as the AI agent operates with the user privileges across sites. In this paper, we present a novel fuzzing framework that runs entirely in the browser and is guided by an LLM to automatically discover such prompt injection vulnerabilities in real time.
title In-Browser LLM-Guided Fuzzing for Real-Time Prompt Injection Testing in Agentic AI Browsers
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2510.13543