Source: https://arxiv.org/abs/2506.08837
This research paper explores design patterns to enhance the security of Large Language Model (LLM) agents against prompt injection attacks, a critical vulnerability where malicious inputs manipulate an agent's behavior.
It proposes six specific patterns: Action-Selector, Plan-Then-Execute, LLM Map-Reduce, Dual LLM, Code-Then-Execute, and Context-Minimization, each offering distinct trade-offs between utility and security. The authors illustrate the practical applicability of these patterns through ten diverse case studies, ranging from OS assistants to medical diagnosis chatbots, demonstrating how to build agents that are robust to such attacks.
The paper emphasizes a shift towards application-specific agent design with defined trust boundaries and the combination of multiple patterns for comprehensive security.
