Saved in:
Bibliographic Details
Main Authors: Geng, Runpeng, Yin, Chenlong, Wang, Yanting, Chen, Ying, Jia, Jinyuan
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.08499
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914461831397376
author Geng, Runpeng
Yin, Chenlong
Wang, Yanting
Chen, Ying
Jia, Jinyuan
author_facet Geng, Runpeng
Yin, Chenlong
Wang, Yanting
Chen, Ying
Jia, Jinyuan
contents Prompt injection attacks pose serious security risks across a wide range of real-world applications. While receiving increasing attention, the community faces a critical gap: the lack of a unified platform for prompt injection evaluation. This makes it challenging to reliably compare defenses, understand their true robustness under diverse attacks, or assess how well they generalize across tasks and benchmarks. For instance, many defenses initially reported as effective were later found to exhibit limited robustness on diverse datasets and attacks. To bridge this gap, we introduce PIArena, a unified and extensible platform for prompt injection evaluation that enables users to easily integrate state-of-the-art attacks and defenses and evaluate them across a variety of existing and new benchmarks. We also design a dynamic strategy-based attack that adaptively optimizes injected prompts based on defense feedback. Through comprehensive evaluation using PIArena, we uncover critical limitations of state-of-the-art defenses: limited generalizability across tasks, vulnerability to adaptive attacks, and fundamental challenges when an injected task aligns with the target task. The code and datasets are available at https://github.com/sleeepeer/PIArena.
format Preprint
id arxiv_https___arxiv_org_abs_2604_08499
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle PIArena: A Platform for Prompt Injection Evaluation
Geng, Runpeng
Yin, Chenlong
Wang, Yanting
Chen, Ying
Jia, Jinyuan
Cryptography and Security
Artificial Intelligence
Computation and Language
Machine Learning
Prompt injection attacks pose serious security risks across a wide range of real-world applications. While receiving increasing attention, the community faces a critical gap: the lack of a unified platform for prompt injection evaluation. This makes it challenging to reliably compare defenses, understand their true robustness under diverse attacks, or assess how well they generalize across tasks and benchmarks. For instance, many defenses initially reported as effective were later found to exhibit limited robustness on diverse datasets and attacks. To bridge this gap, we introduce PIArena, a unified and extensible platform for prompt injection evaluation that enables users to easily integrate state-of-the-art attacks and defenses and evaluate them across a variety of existing and new benchmarks. We also design a dynamic strategy-based attack that adaptively optimizes injected prompts based on defense feedback. Through comprehensive evaluation using PIArena, we uncover critical limitations of state-of-the-art defenses: limited generalizability across tasks, vulnerability to adaptive attacks, and fundamental challenges when an injected task aligns with the target task. The code and datasets are available at https://github.com/sleeepeer/PIArena.
title PIArena: A Platform for Prompt Injection Evaluation
topic Cryptography and Security
Artificial Intelligence
Computation and Language
Machine Learning
url https://arxiv.org/abs/2604.08499