Tag
This paper introduces multi-step trojan attacks against local LLM agents, where malicious prompts are embedded across multiple operations to bypass existing defenses. It proposes ClawTrojan benchmark and DASGuard defense to detect and mitigate such attacks.