Agentic Workflow Injection is a new injection vulnerability class in LLM-augmented GitHub Actions, with two patterns (P2A and P2S) detected via the TaintAWI tool yielding 496 confirmed exploitable instances across 13,392 workflows.
Y ASA: Scalable multi-language taint analysis on the unified AST
3 Pith papers cite this work. Polarity classification is still indexing.
citation-role summary
citation-polarity summary
years
2026 3roles
baseline 1polarities
baseline 1representative citing papers
AgentFlow builds a framework-agnostic Agent Dependency Graph from agent program source code to support static analyses such as BOM generation and prompt-to-tool risk detection, evaluated on 5,399 real programs across five frameworks.
Systematic survey of 55 studies on security testing identifies structural-adaptive fragmentation between program representations and adaptive mechanisms, proposing a unified research agenda.
citing papers explorer
-
AgentFlow: Building Agent Dependency Graphs for Static Analysis of Agent Programs
AgentFlow builds a framework-agnostic Agent Dependency Graph from agent program source code to support static analyses such as BOM generation and prompt-to-tool risk detection, evaluated on 5,399 real programs across five frameworks.
-
Adaptive and AI-Augmented Security Testing: A Systematic Survey of Program Analysis, Feedback-Driven Testing, and Hybrid Learning-Based Approaches
Systematic survey of 55 studies on security testing identifies structural-adaptive fragmentation between program representations and adaptive mechanisms, proposing a unified research agenda.