ConfusedPilot: Confused deputy risks in RAG-based LLMs

representative citing papers

citing papers explorer

Showing 4 of 4 citing papers.

• Oracle Poisoning: Corrupting Knowledge Graphs to Weaponise AI Agent Reasoning cs.CR · 2026-05-10 · unverdicted · none · ref 21

  Oracle Poisoning corrupts knowledge graphs used by AI agents via tool calls, leading tested models to accept fabricated claims at 100% under directed queries in a production-scale demonstration.

• Trust Me, Import This: Dependency Steering Attacks via Malicious Agent Skills cs.CR · 2026-05-10 · unverdicted · none · ref 29

  Malicious Skills induce coding agents to hallucinate and import attacker-controlled packages at high rates while evading detection.

• SkillSafetyBench: Evaluating Agent Safety under Skill-Facing Attack Surfaces cs.CR · 2026-05-12 · unverdicted · none · ref 75

  SkillSafetyBench shows that localized non-user attacks via skills and artifacts can consistently induce unsafe agent behavior across domains and model backends, independent of user intent.

• RAGShield: Detecting Numerical Claim Manipulation in Government RAG Systems cs.CR · 2026-04-01 · conditional · none · ref 12

  RAGShield detects all numerical manipulations in government RAG systems via pattern-based value extraction and cross-source verification, achieving 0% attack success rate on 430 real IRS-derived attacks where embedding defenses miss 79-90%.