菜单

关于 🐙 GitHub
arXiv 提交日期: 2026-07-13
📄 Abstract - Agent Hacks Agent: Autoresearch for Production-Agent Red-Teaming

Production LLM agents such as Claude Code and Codex operate over untrusted content, files, commands, and workspace state, making safety failures directly actionable. Red-teaming must therefore keep pace with evolving models and tools. Existing approaches mainly optimize attack success and preserve artifacts such as benchmarks, payloads, or attack programs, which record where attacks succeed but not the enabling conditions behind unsafe agent behavior. We study automated red-teaming for production LLM agents using one agentic research environment to discover reusable vulnerability knowledge about another. We present AHA, a falsifiable discovery loop that proposes a vulnerability hypothesis, constructs a falsifier, instantiates a valid attack, executes it in a sandboxed harness, reflects on the trajectory, and promotes confirmed findings into a Vulnerability Concept Graph (VCG). Each concept links an attacker-facing surface to an unsafe trajectory through a claim, enabling condition, falsifier, transfer prediction, and supporting evidence. Across Claude Code and Codex on three scenarios covering direct and indirect attacks, the discovered concepts reveal a reusable vulnerability core across models and agents. A frozen VCG requires no further search and outperforms the strongest frozen discovery baseline by 14.2 percentage points under the same single-shot protocol, while transferring across scenarios and attack channels. The resulting VCG provides an auditable artifact for production safety teams to inspect vulnerabilities, validate patches, and accumulate reusable safety knowledge. Our code is available at this https URL.

顶级标签: agents llm security
详细标签: red-teaming vulnerability knowledge discovery production agents attack 或 搜索:

以智攻智:面向生产级智能体的自动化红队测试研究 / Agent Hacks Agent: Autoresearch for Production-Agent Red-Teaming


1️⃣ 一句话总结

本文提出一种让AI智能体自动相互攻击以发现安全漏洞的新方法,通过记录攻击成功的具体条件和原因,生成可重复使用的安全知识图谱,比传统方法更高效地检测和修复生产环境中AI助手的安全隐患。

源自 arXiv: 2607.11698