2 matches found
AttriGuard: Defeating Indirect Prompt Injection in LLM Agents Via Causal Attribution of Tool Invocations
LLM agents are highly vulnerable to Indirect Prompt Injection IPI, where adversaries embed malicious directives in untrusted tool outputs to hijack execution. Most existing defenses treat IPI as an input-level semantic discrimination problem, which often fails to generalize to unseen payloads. We...
Jailbreaking Embodied LLMs Via Action-Level Manipulation
Embodied Large Language Models LLMs enable AI agents to interact with the physical world through natural language instructions and actions. However, beyond the language-level risks inherent to LLMs themselves, embodied LLMs with real-world actuation introduce a new vulnerability: instructions tha...