A lattice model of secure information flow
10 Pith papers cite this work.
- From Tool Connection to Execution Control: Benchmarking Security Invariants in MCP-Style Agent Runtimes
  HCP enforces eight execution-layer security invariants in MCP-style agent systems and blocks all ten benchmark attacks, unlike naive and mitigated connection-layer baselines.
- Type-based information flow analysis for $\pi$-calculus with a dynamically extensible security lattice
  Extends type-based information flow analysis for the pi-calculus to support dynamically extensible security lattices.
- Efficient and Sound Probabilistic Verification for AI Agents
  Presents a distributionally robust optimization method for sound probabilistic verification of Datalog policies in AI agents that bounds violation risk regardless of predicate correlations.
- Aligning Provenance with Authorization: A Dual-Graph Defense for LLM Agents
  AuthGraph aligns an execution provenance graph with a clean authorization graph to detect parameter-source deviations from user intent, reducing attack success rates to 1-2% on AgentDojo and AgentDyn while retaining most task utility.
- Certified Purity for Cognitive Workflow Executors: From Static Analysis to Cryptographic Attestation
  Introduces a certified purity architecture with restricted WebAssembly, cryptographic purity certificates, verification gates, and attestation to enforce effect-free executors in cognitive workflows, claiming proofs of bypass elimination and low-overhead evaluation on four executors.
- From Agent Traces to Trust: A Survey of Evidence Tracing and Execution Provenance in LLM Agents
  This survey defines execution provenance as a typed graph of agent execution and evidence tracing as its projection onto evidence-support relations, then reviews methods, taxonomy, benchmarks, and challenges for auditable LLM agents.
- Symbolic Guardrails for Domain-Specific Agents: Stronger Safety and Security Guarantees Without Sacrificing Utility
  Symbolic guardrails enforce 74% of specified safety policies in agent benchmarks and boost safety without hurting utility.
- A Multi-Agent Framework for Automated Exploit Generation with Constraint-Guided Comprehension and Reflection
  Vulnsage, a multi-agent framework, generates 34.64% more exploits than prior tools and verified 146 zero-day vulnerabilities in real-world open-source libraries.
- Agent Security is a Systems Problem
  The paper argues that agent security is best addressed as a systems problem by applying principles from operating systems, networks, and formal methods rather than relying solely on model robustness improvements.