Benchmarking Web Agent Safety under E-commerce Deceptive Interfaces

The paper introduces WebDecept, a lightweight plugin framework designed to inject deceptive interface patterns into e-commerce environments for evaluating web agent safety. It examines the behavior of multimodal web agents against seven deceptive patterns, revealing their vulnerability to manipulation and demonstrating that prompt-based constraints are often ineffective. These findings underscore the urgent need for improved safety measures as web agents are increasingly deployed in real-world scenarios.