LivePI: More Realistic Benchmarking of Agents Against Indirect Prompt Injectio
Researchers have developed LivePI, a new benchmark designed to more realistically assess the risks of indirect prompt injection in AI agents. This benchmark simulates real-world scenarios across various input channels like email, web pages, and chat, evaluating twelve attack families and five malicious goals. Initial tests on leading models such as GPT-5.3-Codex and Claude Opus 4.6 revealed significant vulnerabilities, with group-chat injections proving universally successful and repository link attacks causing high-severity failures. A proposed two-layer defense, combining prompt filtering and tool-call authorization, demonstrated effectiveness in blocking malicious actions without compromising agent utility. AI
IMPACT Highlights critical security vulnerabilities in current AI agents, necessitating robust defenses for safe deployment.