Pith Number

pith:UV5HTIH5

pith:2026:UV5HTIH5HEBJ4VCVLYWY3H5VL3
not attested not anchored not stored refs pending

How Your Credentials Are Leaked by LLM Agent Skills: An Empirical Study

Gelei Deng, Jianting Ning, Lei Ma, Leo Yu Zhang, Yanjun Zhang, Yi Liu, Ying Zhang, Yuekang Li, Zhihao Chen, Zhiqiang Li

Third-party LLM agent skills leak credentials in over 500 cases through debug logs and prompt injections.

arxiv:2604.03070 v2 · 2026-04-03 · cs.CR · cs.AI

Add to your LaTeX paper
\usepackage{pith}
\pithnumber{UV5HTIH5HEBJ4VCVLYWY3H5VL3}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv.

Record completeness

1 Bitcoin timestamp
2 Internet Archive
3 Author claim open
4 Citations open
5 Replications open
Portable graph bundle live
The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1 strongest claim

We identify 520 vulnerable skills with 1,708 issues and derive a taxonomy of 10 leakage patterns (4 accidental and 6 adversarial).

C2 weakest assumption

Assumes that the 17,022 sampled skills from SkillsMP are representative of the broader population of 170k skills and that static analysis plus sandbox testing reliably detects all leakage patterns.

C3 one line summary

Analysis of 17k LLM agent skills reveals 520 vulnerable ones with 1,708 leakage issues, primarily from debug output exposure, with a 10-pattern taxonomy and released dataset for future detection.

Cited by

9 papers in Pith

Receipt and verification
First computed 2026-06-23T01:12:04.268767Z
Builder pith-number-builder-2026-05-17-v1
Signature Pith Ed25519 (pith-v1-2026-05) · public key
Schema pith-number/v1.0

Canonical hash

a57a79a0fd39029e54555e2d8d9fb55ec9029d25ce0a8dae51914938b8135186

Aliases

arxiv: 2604.03070 · arxiv_version: 2604.03070v2 · doi: 10.48550/arxiv.2604.03070 · pith_short_12: UV5HTIH5HEBJ · pith_short_16: UV5HTIH5HEBJ4VCV · pith_short_8: UV5HTIH5
Agent API
Verify this Pith Number yourself
curl -sH 'Accept: application/ld+json' https://pith.science/pith/UV5HTIH5HEBJ4VCVLYWY3H5VL3 \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: a57a79a0fd39029e54555e2d8d9fb55ec9029d25ce0a8dae51914938b8135186
Canonical record JSON
{
  "metadata": {
    "abstract_canon_sha256": "1570c4c70c1074c203f209fddda5c744f87a528a5514423c06321f7095504a67",
    "cross_cats_sorted": [
      "cs.AI"
    ],
    "license": "http://creativecommons.org/licenses/by/4.0/",
    "primary_cat": "cs.CR",
    "submitted_at": "2026-04-03T14:50:16Z",
    "title_canon_sha256": "b5aaf6af66734f05c159eb380164cfdafadd89b4799cd9d3b274152cf13fde8b"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2604.03070",
    "kind": "arxiv",
    "version": 2
  }
}