Every processed story in chronological order, with the newest coverage first. Filter by tag, source, or score to drill in.
The post highlights a concrete security gap in MCP agent workflows — that a one-time tool approval does not account for subsequent changes to a tool's capability surface — and presents Interlock as an open-source mechanism to detect and quarantine such drift before execution.
This would mark the first public availability of Anthropic's most capable frontier model, which was previously restricted to select partners due to its advanced cybersecurity capabilities, representing the broader release of "Mythos-class models" Anthropic had previously signaled.
The general availability of security validation for third-party coding agents means repositories using agents like Claude and OpenAI Codex now have a supported security layer for agent-driven code changes.
IntentProbe addresses a gap the post identifies in existing MCP security tooling: the inability of text-based classifiers to distinguish safe from poisoned tool descriptions when both use nearly identical vocabulary, a scenario where the post reports the strongest reproducible DeBERTa baseline scored 0% recall.
The hacker-fixer loop shows that automated, iterative verifier hardening can eliminate reward hacking that corrupts both benchmark leaderboards and RL training signal — without requiring per-task manual patching.
The paper demonstrates that frontier CUA safety is domain-conditioned rather than general, meaning strong browser-surface defenses in Claude Sonnet 4.6 and GPT-5.4 do not extend to coding-agent contexts, and that published ASR benchmarks are unreproducible without the release of RL-optimized injection strings.
SQA demonstrates that collective, diversity-enforced validator quorums can reduce unsafe LLM agent approvals in cloud infrastructure from 18.5% to 0.3%, addressing a safety gap that classical consensus protocols leave entirely unhandled.
The architecture provides formal, provable correctness guarantees for LLM agent executions — a property the paper demonstrates on regulated domains like healthcare billing compliance and security vulnerability disclosure where auditability is critical.
The discovery that LLM agent safety varies significantly based on conversational position — with a measurable 9–52% improvement after warm-up tasks — identifies a concrete, previously unnamed vulnerability in deployed agentic systems and proposes a benchmark and mitigation strategy grounded in empirical evidence.
The study demonstrates that current LLM agents face substantial behavioral safety risks during task execution — with an average ASR of 47.1% and some models exceeding 70% — underscoring the inadequacy of static, output-only evaluation methods for agents operating with memory, tools, and environmental access.