Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain
Large language model LLM agents increasingly rely on third-party API routers to dispatch tool-calling requests across multiple upstream providers. These routers operate as application-layer proxies with full plaintext access to every in-flight JSON payload, yet no provider enforces cryptographic...