Exploiting Web Search Tools of AI Agents for Data Exfiltration

ArXi:2510.09093v2 Announce Type: replace-cross Large language models (LLMs) are now routinely used to autonomously execute complex tasks, from natural language processing to dynamic workflows like web searches. The usage of tool-calling and Retrieval Augmented Generation (RAG) allows LLMs to process and retrieve sensitive corporate data, amplifying both their functionality and vulnerability to abuse.