Wei Zou

AgentWatcher spots prompt injections in long-context LLMs by pinpointing the few key text snippets that actually influenced the model's behavior, then checking those against a clear rulebook of forbidden commands.