ClawTrojan

From Prompt Injection to Persistent Control: Defending Agentic Harness Against Trojan Backdoors

Announce Type: new Abstract: LLM agents are evolving from conversational chatbots to operational tools in real-world workspaces. In local agentic harnesses, an LLM can read and write files, call tools, and reuse workspace state across sessions. While such capabilities enhance utility, they also expose a new attack surface for attackers.