Policy dependency / Stack layer
Reason Less, Verify More: Deterministic Gates Catch a Silent Policy-Violation Failure in Tool-Using Agents
arXiv
Stack layer / Threat pattern
Mitigating Taint-Style MCP Server Vulnerabilities Without Touching Server Code (SPELLSMITH)
arXiv
Threat pattern / Follow-up thread
VEXAIoT: arXiv paper demonstrates autonomous IoT vulnerability exploitation using AI agents
arXiv
Update thread / Follow-up thread
EvoAgentBench: A Benchmark That Isolates Whether Agents Can Turn Past Sessions Into Reusable Procedures
arXiv
Stack layer / Contrast
Append runtime nonces to JSON keys and DOM element IDs — a cheap ADI defense that keeps 83% utility
arXiv 2607.05120
Stack layer
Cache and reuse agent-generated tools instead of regenerating code every request (arXiv 2607.08010, July 9)
arXiv 2607.08010
Threat pattern
Dual-Graph Verification Framework Audits Legacy IT Security Concepts for NIS-2 / OSCAL Migration
arXiv
Stack layer
'Stop Guessing When to Stop Testing' Pushes Sequential Evaluation to Cut Benchmark Cost
arXiv