AI RESEARCH
Whispers in the Machine: Confidentiality in Agentic Systems
arXiv CS.LG
arXiv:2402.06922v5 Announce Type: replace-cross

Large language model (LLM)-based agents combine LLMs with external tools to automate tasks such as scheduling meetings, managing documents, or booking travel. While these integrations unlock powerful capabilities, they also create new and severe attack surfaces. In particular, prompt injection attacks become far more dangerous in the agentic setting: malicious instructions embedded in connected services can misdirect the agent, providing a direct pathway for sensitive data to be exfiltrated.