Defenses and Enablers for Skill Injection Attacks on Terminal Based Agents

Large language model LLM agents increasingly rely on reusable skills i.e. documents describing task-specific procedures. However, this introduces a new attack surface for agents to manage. We study two complementary directions for this threat. First, we evaluate guardian-based defenses: an...

DualTAP: A Dual-Task Adversarial Protector for Mobile MLLM Agents

The reliance of mobile GUI agents on Multimodal Large Language Models MLLMs introduces a severe privacy vulnerability: screenshots containing Personally Identifiable Information PII are often sent to untrusted, third-party routers. These routers can exploit their own MLLMs to mine this data,...