pith:UV5HTIH5
How Your Credentials Are Leaked by LLM Agent Skills: An Empirical Study
Third-party LLM agent skills leak credentials in over 500 cases through debug logs and prompt injections.
arxiv:2604.03070 v2 · 2026-04-03 · cs.CR · cs.AI
Claims
We identify 520 vulnerable skills with 1,708 issues and derive a taxonomy of 10 leakage patterns (4 accidental and 6 adversarial).
The 17,022 sampled skills from SkillsMP are representative of the broader population of 170k skills, and static analysis plus sandbox testing reliably detects all leakage patterns.
Analysis of 17k LLM agent skills reveals 520 vulnerable ones with 1,708 leakage issues, primarily from debug output exposure, with a 10-pattern taxonomy and released dataset for future detection.
Receipt and verification
| First computed | 2026-06-23T01:12:04.268767Z |
|---|---|
| Builder | pith-number-builder-2026-05-17-v1 |
| Signature | Pith Ed25519 (pith-v1-2026-05) · public key |
| Schema | pith-number/v1.0 |
Canonical hash
a57a79a0fd39029e54555e2d8d9fb55ec9029d25ce0a8dae51914938b8135186
Verify this Pith Number yourself
```bash
curl -sH 'Accept: application/ld+json' https://pith.science/pith/UV5HTIH5HEBJ4VCVLYWY3H5VL3 \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: a57a79a0fd39029e54555e2d8d9fb55ec9029d25ce0a8dae51914938b8135186
```
Canonical record JSON
```json
{
  "metadata": {
    "abstract_canon_sha256": "1570c4c70c1074c203f209fddda5c744f87a528a5514423c06321f7095504a67",
    "cross_cats_sorted": [
      "cs.AI"
    ],
    "license": "http://creativecommons.org/licenses/by/4.0/",
    "primary_cat": "cs.CR",
    "submitted_at": "2026-04-03T14:50:16Z",
    "title_canon_sha256": "b5aaf6af66734f05c159eb380164cfdafadd89b4799cd9d3b274152cf13fde8b"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2604.03070",
    "kind": "arxiv",
    "version": 2
  }
}
```