Adversarial Feeds Steer LLM Agent Decisions Against Their Defaults 事件

Adversarial Feeds Steer LLM Agent Decisions Against Their Defaults arXiv:2606.00914v1 Announce Type: cross Abstract: LLM agents increasingly act after consuming ranked external information streams such as social feeds, search results, retrieval contexts, and email queues, yet safety evaluations almost always test the model or the user prompt in isolation, never the upstream ranker that decides what the agent reads just before it acts. We introduce a controlled protocol that holds the model, per