Tian Tian

Existing defenses against indirect prompt injection in LLM agents are riddled with flaws, as demonstrated by three new adaptive attacks that easily bypass them.