Safety
Safe to Check, Unsafe to Use: Relinking at the Compression Boundary of LLM Agents
The paper introduces the concept of "relinking," a vulnerability in summarization-based prompt compression used by LLM agents, where benign fragments can be compressed into malicious instructions. It presents "Relink," an automated DSL-based tool that effectively splits malicious payloads into benign components, achieving an 86.9% Relink Rate and Backend Action Rate in benchmarks, significantly outperforming existing methods. This research highlights a critical security concern for practitioners, emphasizing the need for robust defenses against adversarial relinking in LLM applications, as existing defenses are inadequate.
compressionllm-agentssecurity