惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
LINUX DO - 最新话题
GbyAI
GbyAI
博客园 - 叶小钗
酷 壳 – CoolShell
酷 壳 – CoolShell
IT之家
IT之家
云风的 BLOG
云风的 BLOG
Jina AI
Jina AI
I
InfoQ
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Recent Announcements
Recent Announcements
F
Full Disclosure
博客园_首页
F
Fortinet All Blogs
The Cloudflare Blog
MyScale Blog
MyScale Blog
T
The Blog of Author Tim Ferriss
月光博客
月光博客
J
Java Code Geeks
C
CERT Recently Published Vulnerability Notes
博客园 - 聂微东
aimingoo的专栏
aimingoo的专栏
L
LINUX DO - 热门话题
Attack and Defense Labs
Attack and Defense Labs
C
Comments on: Blog
量子位
B
Blog RSS Feed
Hacker News: Ask HN
Hacker News: Ask HN
O
OpenAI News
人人都是产品经理
人人都是产品经理
A
Arctic Wolf
G
Google Developers Blog
Latest news
Latest news
H
Hackread – Cybersecurity News, Data Breaches, AI and More
S
Security Affairs
B
Blog
V
V2EX
Forbes - Security
Forbes - Security
博客园 - 司徒正美
雷峰网
雷峰网
D
Docker
宝玉的分享
宝玉的分享
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Martin Fowler
Martin Fowler
Microsoft Azure Blog
Microsoft Azure Blog
A
About on SuperTechFans
MongoDB | Blog
MongoDB | Blog
W
WeLiveSecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
The Hacker News
The Hacker News
大猫的无限游戏
大猫的无限游戏

cs updates on arXiv.org

Evaluating Large Language Models in a Complex Hidden Role Game A Survey of Text and Speech Resources for Hausa and Fongbe: Availability, Quality, and Gaps for NLP Development Query-Adaptive Semantic Chunking for Retrieval-Augmented Generation: A Dynamic Strategy with Contextual Window Expansion Knowledge Distillation for Low-Resource Open-source Text-to-SQL Model How Far Will They Go? Red-Teaming Online Influence with Large Language Models RAS: Reflection-Augmented Scaling with In-Context Learning for Executable Cypher Query Generation Learnability-Informed Fine-Tuning of Diffusion Language Models Graph Alignment Topology as an Inductive Bias for Grounding Detection Can AI Guess What You Know? Performance Comparison of Large Language Models for Human Domain Knowledge Estimation From Communication Logs When AI Takes Sides on Questions of Faith: Persistent Asymmetries in AI-Mediated Faith Guidance A Reproducible Universal Dependencies-Style Pipeline for Katharevousa Greek Parliamentary Text Memorization Dynamics of Fill-in-the-Middle Pretraining A Proactive Multi-Agent Dialogue Framework for Assessing Social Language Disorder Traits in Autism Brain-LLM Alignment Tracks Training Data, Not Typology Sparse Autoencoders Map Brain-LLM Alignment onto Cortical Semantic Topography Multilingual Steering by Design: Multilingual Sparse Autoencoders and Principled Layer Selection Do Language Models Know What Not to Say? Causal Evidence for Statistical Preemption in LLMs HawkesLLM: Semantic Uncertainty Propagation in Agentic Text Simulation DreamerNLplus: Interpretable Modeling of Mental Health Dynamics from Social Media Timelines using Hybrid Rule-Based and RAG Methods Model Collapse as Cultural Evolution BOHM: Zero-Cost Hierarchical Attribution for Compound AI Systems What Training Data Teaches RL Memory Agents: An Empirical Study of Curriculum Effects in Memory-Augmented QA NeuroNL2LTL: A Neurosymbolic Framework for Natural Language Translation of Linear Temporal Logic RMA: an Agentic System for Research-Level Mathematical Problems DFKI-MLT at SemEval-2026 TASK 7: Steering Multilingual Models Towards Cultural Knowledge SciAtlas: A Large-Scale Knowledge Graph for Automated Scientific Research The Efficiency Frontier: A Unified Framework for Cost-Performance Optimization in LLM Context Management Energy per Successful Goal: Goal-Level Energy Accounting for Agentic AI Systems A Comparative Evaluation of Structural Topic Models and BERTopic for Short, Open-Ended Survey Responses ImProver 2: Iteratively Self-Improving LMs for Neurosymbolic Proof Optimization A Fine-Tuned BERT Classifier for Personal-Letter Titles in Late-Ming and Early-Qing Collected Works As X, Do Y: How Persona and Task Combine in Instruction-Tuned LLMs Mediative Fuzzy Logic: From Type-1 Foundations to Type-2, Type-3 and Quantum Extensions When Symptoms Are Not Enough: Evidence-Weighting Patterns in Large Language Model Psychiatric Screening EVE-Agent: Evidence-Verifiable Self-Evolving Agents Same Model, Different Weakness: How Language and Modality Reshape the Jailbreak Attack Surface in Frontier MLLMs The Deterministic Horizon: Impossibility Results as Design Specifications for Trustworthy AI Systems Fast-dDrive: Efficient Block-Diffusion VLM for Autonomous Driving PathCal: State-Aware Reflection-Marker Calibration for Efficient Reasoning Positional Failures in Long-Context LLMs: A Blind Spot in Reasoning Benchmarks Inductive Deductive Synthesis: Enabling AI to Generate Formally Verified Systems Self-Improving In-Context Learning Redrawing the AI Map: A Theory of Accountability Boundaries in Agentic Ecosystems Hidden Human-Like Nature of Machine-Generated Texts: Theory and Detection Enhancement AutoResearch AI: Towards AI-Powered Research Automation for Scientific Discovery When Is Next-Token Prediction Useful? Marginalization, Ergodicity, Mixture Identifiability, Local Sufficiency, RAG, Tools, and Programming Foundation Protocol: A Coordination Layer for Agentic Society Convergence Without Understanding: When Language Models Agree on Representations but Disagree on Reasoning GENSTRAT: Toward a Science of Strategic Reasoning in Large Language Models AraHopeCorpus: Annotation Guidelines and Dataset for Hope Speech in Arabic Social Media Crisis Discourse Design and Report Benchmarks for Knowledge Work ClimateChat-300K: A Multi-Modal Facebook Dataset for Understanding Diverse Perspectives in Climate Communication Parallel Context Compaction for Long-Horizon LLM Agent Serving Emotion Recognition in Sign Language Conversation Ontological Knowledge Blocks: Executable Compliance and Profile-Based Validation for Trustworthy AI Systems GEM-4D: Geometry-Enhanced Video World Models for Robot Manipulation Cultural Adaptation in Large Language Models for Political Discourse DART: Semantic Recoverability for Structured Tool Agents Seeing without Looking: Do Vision-Language Benchmarks Really Test Vision? From Correctness to Preference: A Framework for Personalized Agentic Reinforcement Learning Human-in-the-Loop Multi-Agent Ventilator Decision Support with Contextual Bandit Preference Learning Suicide Risk Assessment from AI-powered Video Surveillance: An Interpretable Framework for Prevention in Metro Stations Metacognition as Reward: Reinforcing LLM Reasoning via Knowledge and Regulation Signals When Planning Fails Despite Correct Execution: On Epistemic Calibration for LLM-Based Multi-Agent Systems VideoOdyssey: A Benchmark for Ultra-Long-Context and Omni-Modal Video Understanding EquiSumm : A Gender Bias-Aware Framework for Inclusive Tweet Summarization EDGE-OPD: Internalizing Privileged Context with Evidence Guided On-Policy Distillation Improved Vision-to-Chart Buoy Association with Learned World-to-Image Projection Articulatory strategy as a source of variation in acoustic vowel dynamics GazeBehavior Annotation Toolkit (GBAT): AI-powered toolkit for automatic annotation of egocentric eye-tracking and video data of child-caregiver interaction CP or DP? Why Not Both: A Case Study in the Partial Shop Scheduling Problem Naturalistic measure of social norms alignment CoMoGen: COntrollable MOtion Dynamics and Interactions with Mask-Guided Video GENeration Co-ReAct: Rubrics as Step-Level Collaborators for ReAct Agents SSDAU: Structured Semantic Data Augmentation for Joint Entity and Relation Extraction Scene Reconstruction as Mapping Priors for 3D Detection Solving the Aircraft Disassembly Scheduling Problem ARES: Automated Rubric Synthesis for Scalable LLM Reinforcement Learning The TIME Machine: On The Power of Motion for Efficient Perception One Policy, Infinite NPCs: Persona-Traceable Shared RL Policies for Scalable Game Agents Asking For An Old Friend: Diagnosing and Mitigating Temporal Failure Modes in LLM-based Statutory Question Answering Millimeter-wave Imaging for Anthropometric Body Measurement MemAudit: Post-hoc Auditing of Poisoned Agent Memory via Causal Attribution and Structural Anomaly Detection Structure-Guided Entity Resolution: Fine-Tuning LLMs for Robust Name Matching in Complex Linguistic Contexts Dithering Defense: Adversarial Robustness of Vision Foundation Models via Multi-Level Floyd-Steinberg Dithering Agentic Proving for Program Verification Benchmarking Google Embeddings 2 against Open-Source Models for Multilingual Dense Retrieval and RAG Systems RoboSurg-VQA: A Multimodal Benchmark for Surgical Segmentation-Aware Visual Question Answering Beyond Binary Edits Robust Multimodal Knowledge Editing with Adversarial Subspace Alignment How Human-Like Are Large Language Models? A Register-Aware Linguistic Evaluation Framework Flow Mismatching: Unsupervised Anomaly Detection via Velocity Discrepancies in Flow Matching Models Inconsistency-aware Multimodal Schrödinger Bridge for Deepfake Localization OpenSkillEval: Automatically Auditing the Open Skill Ecosystem for LLM Agents CoReVAD: A Contextual Reasoning Framework for Training-Free Video Anomaly Detection OnePred: Next-Query Prediction via Recursive Intent Memory in Multi-Turn Conversations Exploiting Longitudinal Context in Clinician-Verified Interactive Lesion Tracking ChartFI: Benchmarking Faithfulness and Insightfulness of Chart Descriptions from Multimodal Large Language Models An AI-Driven Framework for Energy-Efficient Environmental Monitoring in Smart Cities Using Edge Intelligence VisAnalog: A Diagnostic Suite for Visual Concept Transfer on Natural Images Metadata Predictability Is Not Evidence Dependence: An Intervention-Based Audit for Weak-Label Benchmarks
VATS: Exploiting Implicit Authority in Error-Path Injection via Systematic Mutation
[Submitted on 6 Jun 2026] · 2026-06-10 · via cs updates on arXiv.org

View PDF HTML (experimental)

Abstract:As the Model Context Protocol (MCP) standardizes tool-calling for autonomous agents, it introduces a critical, unexamined attack surface: the error-handling loop. We hypothesize that tool error messages possess implicit authority, triggering corrective reasoning modes that bypass standard safety heuristics. We introduce VATS (Vulnerability Analysis of Tool Streams), a mutation-driven framework that systematically evolves adversarial payloads across seven structural and linguistic dimensions. Our evaluation across four frontier models, Gemini 3.1 Pro, GPT-5.5, GLM-5.1, and Qwen3-Coder, demonstrates that error-path injection triples the success rate of standard indirect prompt injection (IPI), achieving up to 100% compliance in controlled evaluations. We isolate structural positioning (sandwiching instructions within error context) as the most effective exploit vector across all tested models. While we find that production framework guardrails can mitigate these vulnerabilities, the inherent susceptibility of the model layer poses a systemic risk to bespoke agentic workflows.

Submission history

From: Harshil Patel [view email]
[v1] Sat, 6 Jun 2026 06:07:52 UTC (210 KB)

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。