Agentic Workflow Injection is a new injection vulnerability class in LLM-augmented GitHub Actions, with two patterns (P2A and P2S) detected via the TaintAWI tool yielding 496 confirmed exploitable instances across 13,392 workflows.
Demystifying rce vulnerabilities in llm-integrated apps
3 Pith papers cite this work. Polarity classification is still indexing.
3
Pith papers citing it
citation-role summary
background 1
citation-polarity summary
fields
cs.CR 3years
2026 3roles
background 1polarities
background 1representative citing papers
Measurement of 688 AI infra repositories shows frequent overlapping vulnerable patterns, and INFRASCOPE detects over 20 variants including 11 acknowledged and 4 with new CVEs.
The paper synthesizes PQC implementation literature across human, organizational, and technological dimensions, identifies an imbalance favoring technology, and proposes the PQC-HOT conceptual model to guide coordinated socio-technical transitions.
citing papers explorer
-
Demystifying and Detecting Agentic Workflow Injection Vulnerabilities in GitHub Actions
Agentic Workflow Injection is a new injection vulnerability class in LLM-augmented GitHub Actions, with two patterns (P2A and P2S) detected via the TaintAWI tool yielding 496 confirmed exploitable instances across 13,392 workflows.
-
Hunting Vulnerability Variants in AI Infra: Measurement and Reference-Driven Detection
Measurement of 688 AI infra repositories shows frequent overlapping vulnerable patterns, and INFRASCOPE detects over 20 variants including 11 acknowledged and 4 with new CVEs.
-
SoK: Post-Quantum Cryptography (PQC) Implementation in Software Systems
The paper synthesizes PQC implementation literature across human, organizational, and technological dimensions, identifies an imbalance favoring technology, and proposes the PQC-HOT conceptual model to guide coordinated socio-technical transitions.