Depth-Dependent Indirect Prompt Injection in Tool-Calling ReAct Agents: Injection Depth, Payload Framing, and Turn-Budget Sensitivity 事件

PRODUCT_LAUNCH2026-06-01影响: MEDIUM

Depth-Dependent Indirect Prompt Injection in Tool-Calling ReAct Agents: Injection Depth, Payload Framing, and Turn-Budget Sensitivity arXiv:2605.30686v1 Announce Type: cross Abstract: ReAct agents that interleave chain-of-thought reasoning with tool calls are increasingly deployed for real tasks such as scheduling, file retrieval, and data access. Their tool observation loop creates a direct attack surface: an adversary who controls any tool's return value can embed instructions that redirect t

人工智能
关系图谱

10

相关公司

2

相关人物

10

相关产品

10

相关技术

1

相关报道

相关公司查看全部 (10)

H
HREANONPROFIT
I
IRECNONPROFIT
S
SpanNONPROFIT
G
GOALNONPROFIT

相关人物查看全部 (2)

C

can

C

Cap

相关产品查看全部 (10)

benchmark

OPEN_SOURCE

1033Python

ROMP

OPEN_SOURCE

1524Python

MING

OPEN_SOURCE

1129Python

surf

OPEN_SOURCE

3399TypeScript

相关技术查看全部 (10)

AgentChain-of-thought reasoningtool-callingchain-of-thought

相关报道查看全部 (1)

Depth-Dependent Indirect Prompt Injection in Tool-Calling ReAct Agents: Injection Depth, Payload Framing, and Turn-Budget Sensitivity
ArXiv CS.AI2026-06-01