最近 7 天
16
篇论文
Feed Subscription
Agent Runtime Security 固定订阅页
适合长期跟踪单个研究方向。页面会汇总这个 feed 的最近 7 天 / 30 天表现,并保留每天命中的原始条目和 digest 链接。
最近 30 天
74
篇论文
全部历史
119
篇论文
近期走势
Agent Runtime Security 今日没有新的命中文献。
2026-06-15
0
2026-06-16
5
2026-06-17
3
2026-06-18
1
2026-06-19
4
2026-06-20
0
2026-06-21
0
2026-06-22
0
2026-06-23
3
2026-06-24
6
2026-06-25
3
2026-06-26
4
2026-06-27
0
2026-06-28
0
相关关键词页
如果这个 feed 同时命中了你配置里的关键词,这里会给出长期追踪入口。
历史命中
按天回看这个 feed 的命中文献,并保留当日 digest 的 Markdown / JSON 原始产物。
2026-06-26
Agent Runtime Security4 篇
《Jailbreaking for the Average Jane: Choosing Optimal Jailbreaks via Bandit Algorithms for Automatically Enhanced Queries》〔评测 / 应用 / 方法〕:With a profusion of jailbreaks for LLMs now widely known, a growing concern is that…
- Jailbreaking for the Average Jane: Choosing Optimal Jailbreaks via Bandit Algorithms for Automatically Enhanced Queriestitle matched "jailbreak";has PDF;has rich summary
- Do Safety Guardrails Need to Reason? LeanGuard: A Fast and Light Approach for Robust Moderationtitle matched "guardrail";has PDF;has rich summary
- AgentX: Towards Agent-Driven Self-Iteration of Industrial Recommender Systemssummary matched "guardrail";has PDF;has rich summary
- MIRROR: Novelty-Constrained Memory-Guided MCTS Red-Teaming for Agentic RAGsummary matched "prompt injection";has PDF;has rich summary
2026-06-25
Agent Runtime Security3 篇
《How Reliable Is Your Jailbreak Judge? Calibration and Adversarial Robustness of Automated ASR Scoring》〔方法〕:Almost every paper on LLM jailbreaks and prompt injection reports an attack-success rate (ASR), and that number…
- How Reliable Is Your Jailbreak Judge? Calibration and Adversarial Robustness of Automated ASR Scoringtitle matched "jailbreak";summary matched "prompt injection";has PDF
- The Unfireable Safety Kernel: Execution-Time AI Alignment for AI Agents and Other Escapable AI Systemssummary matched "guardrail";has PDF;has rich summary
- AI Snitches Get Glitches: Towards Evading Agentic Surveillancesummary matched "prompt injection";has PDF;has rich summary
2026-06-24
Agent Runtime Security6 篇
《Burnyard: Future of Malware Analysis》〔方法〕:Malware analysis is a critical aspect of modern cybersecurity. The prevailing industry practice, sandboxing, involves executing suspicious binaries within isol…;《LLMs Prompted…
- Burnyard: Future of Malware Analysissummary matched "sandboxing";has PDF;has rich summary
- LLMs Prompted for Legal Context Object More: Overrefusal from Small On-Premises LLMs in Criminal Legal Contextsummary matched "jailbreak";has PDF;has rich summary
- Red-Teaming the Agentic Red-Teamsummary matched "guardrail";has PDF;has rich summary
- PHANTOM: A Large-Scale Dataset of Multimodal Adversarial Attacks for Vision-Language Modelssummary matched "guardrail";has PDF;has rich summary
- Securing LLM-Agent Long-Term Memory Against Poisoning: Non-Malleable, Origin-Bound Authority with Machine-Checked Guaranteessummary matched "data exfiltration";has PDF;has rich summary
2026-06-23
Agent Runtime Security3 篇
《Capable but Careless: Do Computer-Use Agents Follow Contextual Integrity?》〔评测 / 应用 / 方法〕:Computer-use agents (CUAs) now act on a user's behalf across personal applications such as email, calendars, and to-do lists. Thi…
- Capable but Careless: Do Computer-Use Agents Follow Contextual Integrity?title matched "computer-use agent";has PDF;has rich summary
- TROPT: An Open Framework for Unifying and Advancing Discrete Text Optimizationsummary matched "jailbreak";has PDF;has rich summary
- GIF: Locally Sound Geometric Information Flow Control for LLMssummary matched "prompt injection";has PDF;has rich summary
2026-06-19
Agent Runtime Security4 篇
《What Do Safety-Aligned LLMs Learn From Mixed Compliance Demonstrations?》〔方法〕:Prior work has shown that in-context demonstrations can jailbreak language models, but it remains unclear how models interpret different type…
- What Do Safety-Aligned LLMs Learn From Mixed Compliance Demonstrations?summary matched "jailbreak";has PDF;has rich summary
- Analyzing Defensive Misdirection Against Model-Guided Automated Attacks on Agentic AI Systemssummary matched "jailbreak";has PDF;has rich summary
- RACL: Reasoning-Agent Control Layers for Continuous Metaheuristic Learningsummary matched "guardrail";has PDF;has rich summary
- Beyond Static Endpoints: Tool Programs as an Interface for Flexible Agentic Web Servicessummary matched "sandboxing";has PDF;has rich summary
2026-06-18
Agent Runtime Security1 篇
《CodeSentinel: A Three-Layer Defense Against Indirect Prompt Injection in Code Contexts》〔方法〕:Code large language models increasingly retrieve external code context from repositories, documentation, issue threads, and co…
- CodeSentinel: A Three-Layer Defense Against Indirect Prompt Injection in Code Contextstitle matched "prompt injection";title matched "indirect prompt injection";has PDF
2026-06-17
Agent Runtime Security3 篇
《Seeing Is Not Screening: Multimodal Hidden Instruction Attacks on Agent Skill Scanners》〔应用 / 方法〕:Agent skills are emerging as an important attack surface in LLM-based systems. Through an empirical study of existing ski…
- Seeing Is Not Screening: Multimodal Hidden Instruction Attacks on Agent Skill Scannerssummary matched "privilege escalation";has PDF;has rich summary
- A Red-Team Study of Anthropic Fable 5 & Opus 4.8 Modelssummary matched "jailbreak";has PDF;has rich summary
- PreAct: Computer-Using Agents that Get Faster on Repeated Taskssummary matched "guardrail";has PDF;has rich summary
2026-06-16
Agent Runtime Security5 篇
《Automated jailbreak attack targeting multiple defense strategies》〔评测 / 方法〕:Large language models (LLMs) have demonstrated remarkable capabilities across a wide range of tasks. However, their safety remains a critical c…
- Automated jailbreak attack targeting multiple defense strategiestitle matched "jailbreak";has PDF;has rich summary
- MyPCBench: A Benchmark for Personally Intelligent Computer-Use Agentstitle matched "computer-use agent";has PDF;has rich summary
- DoubtProbe: Black-Box Jailbreak Defense via Structural Verification and Semantic Auditingtitle matched "jailbreak";has PDF;has rich summary
- KVEraser: Learning to Steer KV Cache for Efficient Localized Context Erasingsummary matched "prompt injection";has PDF;has rich summary
- Adaptive and Explicit safe: Triggering Latent Safety Awareness in Large Reasoning Modelssummary matched "jailbreak";has PDF;has rich summary
2026-06-12
Agent Runtime Security5 篇
《Neuro-Symbolic Agents for Regulated Process Automation: Challenges and Research Agenda》〔应用 / 方法〕:LLM-based agents are entering regulated industries where they automate judgment intensive quality management processes. W…
- Neuro-Symbolic Agents for Regulated Process Automation: Challenges and Research Agendasummary matched "guardrail";has PDF;has rich summary
- ComAct: Reframing Professional Software Manipulation via COM-as-Action Paradigmsummary matched "computer-use agent";has PDF;has rich summary
- Getting Better at Working With You: Compiling User Corrections into Runtime Enforcement for Coding Agentssummary matched "agent runtime";has PDF;has rich summary
- No Hidden Prompts Needed! You Can Game AI Peer Review with Presentation-Only Revisionssummary matched "prompt injection";has PDF;has rich summary
- Nous: An Attempt to Extract and Inject the Cognition Behind Prediction-Market Behaviorsummary matched "prompt injection";has PDF;has rich summary
2026-06-11
Agent Runtime Security4 篇
《Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code》〔评测 / 方法〕:Large Language Models (LLMs) are increasingly used for code generation, raising concerns that they may be misused to produce mali…
- Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Codetitle matched "jailbreak";has PDF;has rich summary
- OCELOT: Inference-Leakage Budgets for Privacy-Preserving LLM Agentssummary matched "jailbreak";has PDF;has rich summary
- Online Shift Detection and Conformal Adaptation for Deployed Safety Classifierssummary matched "jailbreak";has PDF;has rich summary
- External Experience Serving in Production LLM Systems: A Deployment-Oriented Study of Quality-Cost Trade-offssummary matched "prompt injection";has PDF;has rich summary
2026-06-10
Agent Runtime Security7 篇
《Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluation》〔评测 / 应用 / 方法〕:Large language model (LLM) agents are rapidly moving from conversational interfaces to software components that plan, invoke t…
- Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluationsummary matched "agent security";summary matched "LLM agent security";summary matched "prompt injection"
- Workflow-GYM: Towards Long-Horizon Evaluation of Computer-use Agentic tasks in Real-World Professional Fieldstitle matched "computer-use agent";has PDF;has rich summary
- Data Journalist Agent: Transforming Data into Verifiable Multimodal Storiessummary matched "computer-use agent";has PDF;has rich summary
- It Takes One to Bias Them All: Breaking Bad with One-Shot GRPOsummary matched "guardrail";has PDF;has rich summary
- Training LLMs to Enforce Multi-Level Instruction Hierarchies via Gravity-Weighted Direct Preference Optimizationsummary matched "prompt injection";has PDF;has rich summary
2026-06-09
Agent Runtime Security4 篇
《WeaveBench: A Long-Horizon, Real-World Benchmark for Computer-Use Agents with Hybrid Interfaces》〔评测 / 方法〕:Computer-use agents (CUAs) increasingly operate in runtimes that combine visual desktop control, command-line ex…
- WeaveBench: A Long-Horizon, Real-World Benchmark for Computer-Use Agents with Hybrid Interfacestitle matched "computer-use agent";summary matched "agent runtime";has PDF
- Brain-Prompt Injection: A Route-Safety Audit for BCI-LLM Agentstitle matched "prompt injection";has PDF;has rich summary
- What the Eyes See, the LLMs Miss: Exploiting Human Perception for Adversarial Text Attackssummary matched "guardrail";has PDF;has rich summary
- PRISM: Recovering Instruction Sets from Language Model Activationssummary matched "prompt injection";has PDF;has rich summary
2026-06-05
Agent Runtime Security5 篇
《GuardNet: Ensemble Strategies of Shallow Neural Networks for Robust Prompt Injection and Jailbreak Detection》〔评测 / 数据 / 应用 / 方法〕:Large Language Models (LLMs) have transformed natural language processing, but they remai…
- GuardNet: Ensemble Strategies of Shallow Neural Networks for Robust Prompt Injection and Jailbreak Detectiontitle matched "prompt injection";title matched "jailbreak";summary matched "guardrail"
- From Risk Classification to Action Plan Remediation: A Guardrail Feedback Driven Framework for LLM Agentstitle matched "guardrail";has PDF;has rich summary
- Safety Paradox: How Enhanced Safety Awareness Leaves LLMs Vulnerable to Posterior Attacksummary matched "jailbreak";summary matched "guardrail";has PDF
- Beyond Similarity: Trustworthy Memory Search for Personal AI Agentssummary matched "jailbreak";has PDF;has rich summary
- The Granularity Gap: A Multi-Dimensional Longitudinal Audit of Sycophancy in Gemini Modelssummary matched "guardrail";has PDF;has rich summary
2026-06-04
Agent Runtime Security6 篇
《MaskForge: Structure-Aware Adaptive Attacks for Jailbreaking Diffusion Large Language Models》〔评测 / 应用 / 方法〕:Diffusion large language models (dLLMs) generate text by iteratively denoising partially masked sequences unde…
- MaskForge: Structure-Aware Adaptive Attacks for Jailbreaking Diffusion Large Language Modelstitle matched "jailbreak";has PDF;has rich summary
- What If Prompt Injection Never Left? Exploring Cross-Session Stored Prompt Injection in Agentic Systemstitle matched "prompt injection";has PDF;has rich summary
- Caught in the Act(ivation): Toward Pre-Output and Multi-Turn Detection of Credential Exfiltration by LLM Agentssummary matched "prompt injection";summary matched "indirect prompt injection";has PDF
- AgentJet: A Flexible Swarm Training Framework for Agentic Reinforcement Learningsummary matched "agent runtime";has PDF;has rich summary
- From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agentssummary matched "prompt injection";has PDF;has rich summary
2026-06-03
Agent Runtime Security8 篇
《D-Judge: Disrupting Multi-Turn Jailbreaks using Semantics-Preserving Output Rewriting》〔评测 / 数据 / 方法〕:Multi-turn jailbreak attacks pose a growing threat to large language model (LLM) safety because they exploit feedback…
- D-Judge: Disrupting Multi-Turn Jailbreaks using Semantics-Preserving Output Rewritingtitle matched "jailbreak";has PDF;has rich summary
- MedCUA-Bench: A Screenshot-Only Benchmark for Clinical Computer-Use Agentstitle matched "computer-use agent";has PDF;has rich summary
- MultiTurnPSB: Evaluating Multi-Turn Jailbreak Attacks an dClassifier-Based Defenses for Medical AI Safetytitle matched "jailbreak";has PDF;has rich summary
- From Control Boundary to Insurance Claim: Reconstructing AI-Mediated Losses Through the CER Frameworksummary matched "prompt injection";summary matched "malicious tool";has PDF
- Acceptance-Test-Driven Evaluation Protocols for Business-Centric LLM Systemssummary matched "guardrail";has PDF;has rich summary
2026-06-02
Agent Runtime Security6 篇
《Jailbreaking Multimodal Large Language Models using Multi-Clip Video》〔数据 / 应用 / 方法〕:As multimodal large language models (MLLMs) have advanced to process video inputs, concerns have emerged about their potential for mal…
- Jailbreaking Multimodal Large Language Models using Multi-Clip Videotitle matched "jailbreak";has PDF;has rich summary
- SentGuard: Sentence-Level Streaming Guardrails for Large Language Modelstitle matched "guardrail";has PDF;has rich summary
- AgentRedBench: Dynamic Redteaming and Integration-Aware Defense for LLM Agents over SaaS Integrationssummary matched "prompt injection";summary matched "indirect prompt injection";has PDF
- SafeMCP: Proactive Power Regulation for LLM Agent Defense via Environment-Grounded Look-Ahead Reasoningtitle matched "agent defense";has PDF;has rich summary
- SeClaw: Spec-Driven Security Task Synthesis for Evaluating Autonomous Agentssummary matched "agent security";has PDF;has rich summary
2026-05-29
Agent Runtime Security4 篇
《Provably Secure Agent Guardrail》〔评测 / 应用 / 方法〕:As large language models transition from bounded generative engines to agents with expansive execution privileges, AI going out of control precipitates a funda…;《Robust an…
- Provably Secure Agent Guardrailtitle matched "secure agent";title matched "guardrail";has PDF
- Robust and Efficient Guardrails with Latent Reasoningtitle matched "guardrail";has PDF;has rich summary
- AgentDoG 1.5: A Lightweight and Scalable Alignment Framework for AI Agent Safety and Securitysummary matched "guardrail";has PDF;has rich summary
- Beyond Attack Success Rate: Temporal Logit Observability for LLM Safety Failuressummary matched "jailbreak";has PDF;has rich summary
2026-05-28
Agent Runtime Security5 篇
《Learn from Weaknesses: Automated Domain Specialization for Small Computer-Use Agents》〔数据 / 方法〕:Computer-use agents (CUAs) have recently made substantial progress, but deploying a separate large expert for each software…
- Learn from Weaknesses: Automated Domain Specialization for Small Computer-Use Agentstitle matched "computer-use agent";has PDF;has rich summary
- Code as a Weapon: A Consensus-Labeled Prompt Bank for Measuring Coding-Model Compliance with Malicious-Code Requestssummary matched "jailbreak";has PDF;has rich summary
- The Ethics of LLM Sandbox and Persona Dynamicssummary matched "guardrail";has PDF;has rich summary
- LACUNA: Safe Agents as Recursive Program Holessummary matched "prompt injection";has PDF;has rich summary
- Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystemsummary matched "data exfiltration";has PDF;has rich summary
2026-05-27
Agent Runtime Security7 篇
《EviACT: An Evidence-to-Action Framework for Agentic Program Repair》〔评测 / 方法〕:LLM-based agents have moved automated program repair (APR) from fixed-context patch generation to interactive repository-level repair. Howeve…
- EviACT: An Evidence-to-Action Framework for Agentic Program Repairsummary matched "guardrail";has PDF;has rich summary
- Governed Evolution of Agent Runtimes through Executable Operational Cognitiontitle matched "agent runtime";has PDF;has rich summary
- Prompt Injection Detection is Regime-Dependent: A Deployment-Aware Evaluation with Interpretable Structural Signalstitle matched "prompt injection";has PDF;has rich summary
- BAIT: Boundary-Guided Disclosure Escalation via Self-Conditioned Reasoningsummary matched "jailbreak";has PDF;has rich summary
- AlbanianLLMSafety: A Safety Evaluation Dataset for Large Language Models in Albaniansummary matched "guardrail";has PDF;has rich summary
2026-05-26
Agent Runtime Security3 篇
《CUA-Gym: Scaling Verifiable Training Environments and Tasks for Computer-Use Agents》〔评测 / 数据 / 应用 / 方法〕:Reinforcement learning with verifiable rewards (RLVR) has driven breakthroughs in domains such as math, tool-use,…
- CUA-Gym: Scaling Verifiable Training Environments and Tasks for Computer-Use Agentstitle matched "computer-use agent";has PDF;has rich summary
- How Agentic AI Coding Assistants Become the Attacker's Shellsummary matched "prompt injection";has PDF;has rich summary
- AgentHijack: Benchmarking Computer Use Agent Robustness to Common Environment Corruptionssummary matched "computer-use agent";has PDF;has rich summary
2026-05-22
Agent Runtime Security3 篇
《DeltaBox: Scaling Stateful AI Agents with Millisecond-Level Sandbox Checkpoint/Rollback》〔评测 / 应用 / 方法〕:LLM-powered AI agents require high-frequency state exploration (e.g., test-time tree search and reinforcement learn…
- DeltaBox: Scaling Stateful AI Agents with Millisecond-Level Sandbox Checkpoint/Rollbacksummary matched "agent sandbox";has PDF;has rich summary
- HarnessAPI: A Skill-First Framework for Unified Streaming APIs and MCP Toolssummary matched "agent runtime";has PDF;has rich summary
- Contractual Skills: A GovernSpec Design Framework for Enterprise AI Agentssummary matched "guardrail";has PDF;has rich summary
2026-05-21
Agent Runtime Security1 篇
《Agent JIT Compilation for Latency-Optimizing Web Agent Planning and Scheduling》〔应用 / 方法〕:Computer-use agents (CUA) automate tasks specified with natural language such as "order the cheapest item from Taco Bell" by gene…
- Agent JIT Compilation for Latency-Optimizing Web Agent Planning and Schedulingsummary matched "computer-use agent";has PDF;has rich summary
2026-05-20
Agent Runtime Security7 篇
《Attention-Guided Reward for Reinforcement Learning-based Jailbreak against Large Reasoning Models》〔评测 / 方法〕:Large Reasoning Models (LRMs) have demonstrated remarkable capabilities in solving complex problems by generat…
- Attention-Guided Reward for Reinforcement Learning-based Jailbreak against Large Reasoning Modelstitle matched "jailbreak";has PDF;has rich summary
- OpenComputer: Verifiable Software Worlds for Computer-Use Agentstitle matched "computer-use agent";has PDF;has rich summary
- Robotics-Inspired Guardrails for Foundation Models in Socially Sensitive Domainstitle matched "guardrail";has PDF;has rich summary
- A Methodology for Selecting and Composing Runtime Architecture Patterns for Production LLM Agentssummary matched "agent runtime";has PDF;has rich summary
- Formal Skill: Programmable Runtime Skills for Efficient and Accurate LLM Agentssummary matched "policy enforcement";has PDF;has rich summary
2026-05-19
Agent Runtime Security4 篇
《An Empirical Study of Privacy Leakage Chains via Prompt Injection in Black-Box Chatbot Environments》〔方法〕:LLM-based chatbot agents increasingly process user requests by combining natural-language reasoning with external…
- An Empirical Study of Privacy Leakage Chains via Prompt Injection in Black-Box Chatbot Environmentstitle matched "prompt injection";summary matched "indirect prompt injection";summary matched "jailbreak"
- Multilingual jailbreaking of LLMs using low-resource languagestitle matched "jailbreak";summary matched "guardrail";has PDF
- Overeager Coding Agents: Measuring Out-of-Scope Actions on Benign Taskssummary matched "prompt injection";has PDF;has rich summary
- Acoustic Interference: A New Paradigm Weaponizing Acoustic Latent Semantic for Universal Jailbreak against Large Audio Language Modelstitle matched "jailbreak";has PDF;has rich summary
2026-05-14
Agent Runtime Security2 篇
《Sleeper Channels and Provenance Gates: Persistent Prompt Injection in Always-on Autonomous AI Agents》〔评测 / 应用 / 方法〕:Always-on AI agents (OpenClaw, Hermes Agent) run as a single persistent process under the owner's iden…
- Sleeper Channels and Provenance Gates: Persistent Prompt Injection in Always-on Autonomous AI Agentstitle matched "prompt injection";has PDF;has rich summary
- LLM-Based Persuasion Enables Guardrail Override in Frontier LLMstitle matched "guardrail";has PDF;has rich summary
2026-05-13
Agent Runtime Security2 篇
《Metaphor Is Not All Attention Needs》〔应用 / 方法〕:Large language models are increasingly deployed in safety-critical applications, where their ability to resist harmful instructions is essential. Although post…;《A microser…
- Metaphor Is Not All Attention Needssummary matched "jailbreak";has PDF;has rich summary
- A microservices-based endpoint monitoring platform with predictive NLP models for real-time security and hate-speech risk alertingsummary matched "data exfiltration";has PDF;has rich summary
2026-05-12
Agent Runtime Security6 篇
《Break the Brake, Not the Wheel: Untargeted Jailbreak via Entropy Maximization》〔评测 / 方法〕:Recent studies show that gradient-based universal image jailbreaks on vision-language models (VLMs) exhibit little or no cross-mod…
- Break the Brake, Not the Wheel: Untargeted Jailbreak via Entropy Maximizationtitle matched "jailbreak";has PDF;has rich summary
- Intrinsic Guardrails: How Semantic Geometry of Personality Interacts with Emergent Misalignment in LLMstitle matched "guardrail";has PDF;has rich summary
- Re-Triggering Safeguards within LLMs for Jailbreak Detectiontitle matched "jailbreak";has PDF;has rich summary
- Guaranteed Jailbreaking Defense via Disrupt-and-Rectify Smoothingtitle matched "jailbreak";has PDF;has rich summary
- RUBEN: Rule-Based Explanations for Retrieval-Augmented LLM Systemssummary matched "prompt injection";has PDF;has rich summary
2026-05-08
Agent Runtime Security1 篇
《Constraining Host-Level Abuse in Self-Hosted Computer-Use Agents via TEE-Backed Isolation》〔评测 / 应用 / 方法〕:Self-hosted computer-use agents (SHCUAs), such as OpenClaw, combine natural-language interaction with direct acce…
- Constraining Host-Level Abuse in Self-Hosted Computer-Use Agents via TEE-Backed Isolationtitle matched "computer-use agent";summary matched "prompt injection";summary matched "indirect prompt injection"