SkillHarm: Lifecycle-Aware Skill-Based Attacks via Automated Construction 事件

SkillHarm: Lifecycle-Aware Skill-Based Attacks via Automated Construction arXiv:2606.02540v1 Announce Type: new Abstract: Agent skills occupy a privileged position in the agent workflow, as agents are expected to implicitly follow and execute them, rendering third-party skills a vulnerable attack surface. Existing studies have revealed unsafe agent behaviors induced by skill-based attacks, but they primarily evaluate poisoned skills within a single task execution and enumerate harms through ad-