| Main Authors: | Debi, Tanusree, Zhu, Wentian, Gupta, Pranjol Sen |
|---|---|
| Format: | Preprint |
| Published: | 2026 |
| Online Access: | https://arxiv.org/abs/2601.22569 |
Similar Items
MUZZLE: Adaptive Agentic Red-Teaming of Web Agents Against Indirect Prompt Injection Attacks
by: Syros, Georgios, et al.
Published: (2026)
IPI-proxy: An Intercepting Proxy for Red-Teaming Web-Browsing AI Agents Against Indirect Prompt Injection
by: Chia-Pei, et al.
Published: (2026)
Red Teaming AI Red Teaming
by: Majumdar, Subhabrata, et al.
Published: (2025)
Trojan Horses in Recruiting: A Red-Teaming Case Study on Indirect Prompt Injection in Standard vs. Reasoning Models
by: Wirth, Manuel
Published: (2026)
From Prompt Injections to Protocol Exploits: Threats in LLM-Powered AI Agents Workflows
by: Ferrag, Mohamed Amine, et al.
Published: (2025)
AgentVigil: Generic Black-Box Red-teaming for Indirect Prompt Injection against LLM Agents
by: Wang, Zhun, et al.
Published: (2025)
Breaking the Protocol: Security Analysis of the Model Context Protocol Specification and Prompt Injection Vulnerabilities in Tool-Integrated LLM Agents
by: Maloyan, Narek, et al.
Published: (2026)
Automatic Red Teaming LLM-based Agents with Model Context Protocol Tools
by: He, Ping, et al.
Published: (2025)
To Protect the LLM Agent Against the Prompt Injection Attack with Polymorphic Prompt
by: Wang, Zhilong, et al.
Published: (2025)
MonitoringBench: Semi-Automated Red-Teaming for Agent Monitoring
by: Jotautaitė, Monika, et al.
Published: (2026)
MELON: Provable Defense Against Indirect Prompt Injection Attacks in AI Agents
by: Zhu, Kaijie, et al.
Published: (2025)
Securing AI Agents Against Prompt Injection Attacks
by: Ramakrishnan, Badrinath, et al.
Published: (2025)
Proteus: A Self-Evolving Red Team for Agent Skill Ecosystems
by: Zhou, Zhaojiacheng
Published: (2026)
Manipulating LLM Web Agents with Indirect Prompt Injection Attack via HTML Accessibility Tree
by: Johnson, Sam, et al.
Published: (2025)
MetaBreak: Jailbreaking Online LLM Services via Special Token Manipulation
by: Zhu, Wentian, et al.
Published: (2025)
WARD: Adversarially Robust Defense of Web Agents Against Prompt Injections
by: Cao, Tri, et al.
Published: (2026)
VPI-Bench: Visual Prompt Injection Attacks for Computer-Use Agents
by: Cao, Tri, et al.
Published: (2025)
RTBAS: Defending LLM Agents Against Prompt Injection and Privacy Leakage
by: Zhong, Peter Yong, et al.
Published: (2025)
QueryIPI: Query-agnostic Indirect Prompt Injection on Coding Agents
by: Xie, Yuchong, et al.
Published: (2025)
WASP: Benchmarking Web Agent Security Against Prompt Injection Attacks
by: Evtimov, Ivan, et al.
Published: (2025)
Bypassing Prompt Injection Detectors through Evasive Injections
by: Rahman, Md Jahedur, et al.
Published: (2026)
Red Teaming Large Reasoning Models
by: Chen, Jiawei, et al.
Published: (2025)
PromptArmor: Simple yet Effective Prompt Injection Defenses
by: Shi, Tianneng, et al.
Published: (2025)
APEX: Agent Payment Execution with Policy for Autonomous Agent API Access
by: Uddin, Mohd Safwan, et al.
Published: (2026)
Red-Teaming Agent Execution Contexts: Open-World Security Evaluation on OpenClaw
by: Yao, Hongwei, et al.
Published: (2026)
PromptLocate: Localizing Prompt Injection Attacks
by: Jia, Yuqi, et al.
Published: (2025)
RedAgent: Red Teaming Large Language Models with Context-aware Autonomous Language Agent
by: Xu, Huiyu, et al.
Published: (2024)
AgentTypo: Adaptive Typographic Prompt Injection Attacks against Black-box Multimodal Agents
by: Li, Yanjie, et al.
Published: (2025)
Defeating Prompt Injections by Design
by: Debenedetti, Edoardo, et al.
Published: (2025)
LivePI: More Realistic Benchmarking of Agents Against Indirect Prompt Injection
by: Zhao, Lei, et al.
Published: (2026)
ICON: Indirect Prompt Injection Defense for Agents based on Inference-Time Correction
by: Wang, Che, et al.
Published: (2026)
ASPI: Seeking Ambiguity Clarification Amplifies Prompt Injection Vulnerability in LLM Agents
by: Sehwag, Udari Madhushani, et al.
Published: (2026)
SnapGuard: Lightweight Prompt Injection Detection for Screenshot-Based Web Agents
by: Du, Mengyao, et al.
Published: (2026)
AutoRedTeamer: Autonomous Red Teaming with Lifelong Attack Integration
by: Zhou, Andy, et al.
Published: (2025)
Red-Teaming Coding Agents from a Tool-Invocation Perspective: An Empirical Security Assessment
by: Xie, Yuchong, et al.
Published: (2025)
SIRAJ: Diverse and Efficient Red-Teaming for LLM Agents via Distilled Structured Reasoning
by: Zhou, Kaiwen, et al.
Published: (2025)
RedVisor: Reasoning-Aware Prompt Injection Defense via Zero-Copy KV Cache Reuse
by: Liu, Mingrui, et al.
Published: (2026)
Agent Privilege Separation in OpenClaw: A Structural Defense Against Prompt Injection
by: Cheng, Darren, et al.
Published: (2026)
SkillJect: Effectively Automating Skill-Based Prompt Injection for Skill-Enabled Agents
by: Jia, Xiaojun, et al.
Published: (2026)
SecInfer: Preventing Prompt Injection via Inference-time Scaling
by: Liu, Yupei, et al.
Published: (2025)