Yilong Liu

LLM agent harnesses are surprisingly vulnerable, but weaving security directly into the agent lifecycle can slash attack success by 42% without sacrificing utility.

LLMs often invoke irrelevant tools just because the query structure *fits* the tool's parameters, revealing a surprising and widespread flaw in their reasoning.