CRAI, Oct 15, 2025

In-Browser LLM-Guided Fuzzing for Real-Time Prompt Injection Testing in Agentic AI Browsers

arXiv:2510.13543v1 | 1 citation | h-index: 1

Originality: Incremental advance

AI Analysis

This addresses security risks for users of agentic AI browsers, but it is incremental as it builds on existing fuzzing and LLM techniques.

The paper tackles the problem of indirect prompt injection attacks in LLM-based web browsers by introducing an in-browser fuzzing framework guided by an LLM to automatically discover vulnerabilities in real time.

Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions hidden in a webpage deceive the agent into unwanted actions. These attacks can bypass traditional web security boundaries, as the AI agent operates with the user's privileges across sites. In this paper, we present a novel fuzzing framework that runs entirely in the browser and is guided by an LLM to automatically discover such prompt injection vulnerabilities in real time.
