Yu Feng
5 papers · Latest:
Options, Not Clicks: Lattice Refinement for Consent-Driven MCP Authorization
Conleash is a client-side middleware that uses a risk lattice and policy engine to provide consent-driven, boundary-scoped authorization for MCP tool invocations.
On the (In-)Security of the Shuffling Defense in the Transformer Secure Inference
This paper demonstrates a novel attack that bypasses the shuffling defense in Transformer secure inference, enabling model weight extraction.
Semia: Auditing Agent Skills via Constraint-Guided Representation Synthesis
Semia audits LLM agent skills by converting them into a Datalog fact base using CGRS, finding critical risks in over half of real-world skills.
Synthesizing Multi-Agent Harnesses for Vulnerability Discovery
AgentFlow synthesizes multi-agent harnesses to discover critical zero-day vulnerabilities in software like Google Chrome, outperforming existing methods.
Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain
This paper reveals critical security vulnerabilities in LLM API routers, demonstrating malicious code injection and secret exfiltration attacks.
๐ฌ Weekly AI Paper Digest
Get the top 10 AI/ML arXiv papers from the week โ summarized, scored, and delivered to your inbox every Monday.