Plant, Persist, Trigger: Sleeper Attack on Large Language Model Agents (event)

PRODUCT_LAUNCH 2026-05-28 Impact: MEDIUM

Plant, Persist, Trigger: Sleeper Attack on Large Language Model Agents

arXiv:2605.28201v1 Announce Type: new

Abstract: Large Language Model (LLM) agents remain vulnerable to safety threats from the external environment, where attackers inject adversarial content into external observations such as tool-returned data, webpages, or MCP context, causing harmful agentic behaviors such as unsafe actions or incorrect outputs. Existing studies typically focus on single-interaction attacks, where the ag