Yanting Wang

Red-teaming long-context LLMs just got a whole lot cheaper: FlashRT slashes the compute and memory costs of prompt injection attacks by up to 7x.

Turns out, state-of-the-art prompt injection defenses aren't as robust as we thought: they crumble against adaptive attacks and struggle when the injected task aligns with the intended one.

AgentWatcher spots prompt injections in long-context LLMs by pinpointing the few key text snippets that actually influenced the model's behavior, then checking those against a clear rulebook of forbidden commands.