{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2026:PC7WX4DDGGI5B7F6LU7LM2AIN5","short_pith_number":"pith:PC7WX4DD","schema_version":"1.0","canonical_sha256":"78bf6bf0633191d0fcbe5d3eb668086f58f8518ac3c946d1a5e39572870506a5","source":{"kind":"arxiv","id":"2606.10749","version":1},"attestation_state":"computed","paper":{"title":"Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluation","license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Chunrong Fang, Shengcheng Yu, Yuchen Ling, Zhenyu Chen","submitted_at":"2026-06-09T12:01:07Z","abstract_excerpt":"Large language model (LLM) agents are rapidly moving from conversational interfaces to software components that plan, invoke tools, maintain memory, and act on external environments. This transition changes the nature of security risk. In agentic settings, failures are no longer limited to unsafe text generation. Untrusted content may redirect control flow, misuse tool privileges, corrupt persistent state, leak sensitive information, or trigger harmful external actions. At the same time, research on LLM agent security is expanding quickly but remains fragmented across attack families, defense "},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"2606.10749","kind":"arxiv","version":1},"metadata":{"license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.CR","submitted_at":"2026-06-09T12:01:07Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"e172a1f9a165bee0f1cbfc59a85d2c30ab3966aedef71b82f7f01380e23d717c","abstract_canon_sha256":"a42edbe18db53bab69ef02c187996a6fafc582e28d764d43028019c23981a81c"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-06-10T01:10:38.316482Z","signature_b64":"GIPJyjhwE9wxeS+pSPQ8jJwyUnC8t57Z47+4yt2ILhcXBC4F2WoubvGlOanO5tYcYfPVvlqf9j6dG0iZ/aPFBw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"78bf6bf0633191d0fcbe5d3eb668086f58f8518ac3c946d1a5e39572870506a5","last_reissued_at":"2026-06-10T01:10:38.315621Z","signature_status":"signed_v1","first_computed_at":"2026-06-10T01:10:38.315621Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluation","license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Chunrong Fang, Shengcheng Yu, Yuchen Ling, Zhenyu Chen","submitted_at":"2026-06-09T12:01:07Z","abstract_excerpt":"Large language model (LLM) agents are rapidly moving from conversational interfaces to software components that plan, invoke tools, maintain memory, and act on external environments. This transition changes the nature of security risk. In agentic settings, failures are no longer limited to unsafe text generation. Untrusted content may redirect control flow, misuse tool privileges, corrupt persistent state, leak sensitive information, or trigger harmful external actions. At the same time, research on LLM agent security is expanding quickly but remains fragmented across attack families, defense "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2606.10749","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"integrity":{"clean":true,"summary":{"advisory":0,"critical":0,"by_detector":{},"informational":0},"endpoint":"/pith/2606.10749/integrity.json","findings":[],"available":true,"detectors_run":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938"},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"2606.10749","created_at":"2026-06-10T01:10:38.315751+00:00"},{"alias_kind":"arxiv_version","alias_value":"2606.10749v1","created_at":"2026-06-10T01:10:38.315751+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2606.10749","created_at":"2026-06-10T01:10:38.315751+00:00"},{"alias_kind":"pith_short_12","alias_value":"PC7WX4DDGGI5","created_at":"2026-06-10T01:10:38.315751+00:00"},{"alias_kind":"pith_short_16","alias_value":"PC7WX4DDGGI5B7F6","created_at":"2026-06-10T01:10:38.315751+00:00"},{"alias_kind":"pith_short_8","alias_value":"PC7WX4DD","created_at":"2026-06-10T01:10:38.315751+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5","json":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5.json","graph_json":"https://pith.science/api/pith-number/PC7WX4DDGGI5B7F6LU7LM2AIN5/graph.json","events_json":"https://pith.science/api/pith-number/PC7WX4DDGGI5B7F6LU7LM2AIN5/events.json","paper":"https://pith.science/paper/PC7WX4DD"},"agent_actions":{"view_html":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5","download_json":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5.json","view_paper":"https://pith.science/paper/PC7WX4DD","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=2606.10749&json=true","fetch_graph":"https://pith.science/api/pith-number/PC7WX4DDGGI5B7F6LU7LM2AIN5/graph.json","fetch_events":"https://pith.science/api/pith-number/PC7WX4DDGGI5B7F6LU7LM2AIN5/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5/action/timestamp_anchor","attest_storage":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5/action/storage_attestation","attest_author":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5/action/author_attestation","sign_citation":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5/action/citation_signature","submit_replication":"https://pith.science/pith/PC7WX4DDGGI5B7F6LU7LM2AIN5/action/replication_record"}},"created_at":"2026-06-10T01:10:38.315751+00:00","updated_at":"2026-06-10T01:10:38.315751+00:00"}