Skills
Red-team your agent to localize — not just detect — prompt injections (PI-Hunter)
PI-Hunter (arXiv 2606.12737, June 2026) automates red-teaming that both exposes prompt injections and pinpoints exactly where in the tool/data flow the injection succeeds. Localization is the practical advance: instead of a binary 'vulnerable/not,' you get the specific tool description, argument, or retrieved document that carried the payload, so you can patch the right boundary. Wire it into CI as an adversarial test suite that fails the build when a new injection site is found.
Source
↳ Follow the thread