DoomArena: A framework for testing AI agents against evolving security threats

Leo Boisvert, Mihir Bansal, Chandra Kiran Reddy Evuru, Gabriel Huang, Abhay Puri, Avinandan Bose, Maryam Fazel, Quentin Cappart, Jason Stanley, Alexandre Lacoste, et al. · 2025 · arXiv 2504.14064

4 Pith papers cite this work. Polarity classification is still in progress.

citation-role summary

baseline 1

citation-polarity summary

baseline 1

representative citing papers

DRIP-R: A Benchmark for Decision-Making and Reasoning Under Real-World Policy Ambiguity in the Retail Domain

cs.CL · 2026-05-08 · unverdicted · novelty 7.0

DRIP-R is a new benchmark showing that frontier LLMs systematically disagree on how to resolve identical ambiguous retail policy scenarios, highlighting ambiguity as a core challenge for agent decision-making.

WAAA! Web Adversaries Against Agentic Browsers

cs.CR · 2026-05-06 · unverdicted · novelty 7.0

Agentic browsers are vulnerable to 20 web and LLM attacks, 18 of which are implemented, exposing five failure modes across four major LLMs that require redesign before safe deployment.

Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration

cs.CR · 2026-05-03 · unverdicted · novelty 6.0 · 2 refs

The paper defines and evaluates Trojan Hippo attacks on LLM agent memory, showing 85-100% success in data exfiltration across backends and reduced rates with defenses at varying utility costs.

Malice in Agentland: Down the Rabbit Hole of Backdoors in the AI Supply Chain

cs.CR · 2025-10-03 · conditional · novelty 6.0

Adversaries can poison finetuning data, base models, or environments to backdoor AI agents, achieving over 80% success in leaking confidential information on two agentic benchmarks.

citing papers explorer

Showing 4 of 4 citing papers.

DRIP-R: A Benchmark for Decision-Making and Reasoning Under Real-World Policy Ambiguity in the Retail Domain

cs.CL · 2026-05-08 · unverdicted · none · ref 14

WAAA! Web Adversaries Against Agentic Browsers

cs.CR · 2026-05-06 · unverdicted · none · ref 25

Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration

cs.CR · 2026-05-03 · unverdicted · none · ref 7 · 2 links

Malice in Agentland: Down the Rabbit Hole of Backdoors in the AI Supply Chain

cs.CR · 2025-10-03 · conditional · none · ref 1