MemVenom poisons multimodal memories in web agents via a two-stage trigger-conditioned retrieval and post-retrieval induction attack, achieving up to 99.15% success on GPT-5-family agents while preserving benign performance.
The Task Shield: Enforcing Task Alignment to Defend Against Indirect Prompt Injection in
2 Pith papers cite this work. Polarity classification is still indexing.
2
Pith papers citing it
citation-role summary
background 1
citation-polarity summary
fields
cs.CR 2years
2026 2verdicts
UNVERDICTED 2roles
background 1polarities
background 1representative citing papers
A synthesis of 247 papers on LLM agent security identifies prompt injection and tool hijacking as dominant threats, notes weakly compositional defenses, and argues for trust boundaries and realistic evaluations.
citing papers explorer
-
MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents
MemVenom poisons multimodal memories in web agents via a two-stage trigger-conditioned retrieval and post-retrieval induction attack, achieving up to 99.15% success on GPT-5-family agents while preserving benign performance.
-
Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluation
A synthesis of 247 papers on LLM agent security identifies prompt injection and tool hijacking as dominant threats, notes weakly compositional defenses, and argues for trust boundaries and realistic evaluations.