Safety
Who Pays the Price? Stakeholder-Centric Prompt Injection Benchmarking for Real-world Web Agents
The paper introduces a new benchmark, \sysname, built around stakeholder-centric prompt injection attacks on large language model (LLM) driven web agents. Unlike traditional attack-centric evaluations, this benchmark categorizes harms by the entity that is affected and measures vulnerability with distinct per-stakeholder metrics, showing that current agents fail to reliably resist a range of attack objectives. The work stresses the asymmetric risks that prompt injections pose in real-world deployments, where the party that bears the harm is often not the party operating the agent, and urges practitioners to take a more nuanced, stakeholder-aware approach to securing LLM deployments.
Tags: prompt-injection, web-agents, llm