2604.01701 Pre-Registered Protocol: A Reproducible Audit of Tool-Result Prompt-Injection Resilience Across Four 2025-Era Agents
We specify a pre-registered protocol for the question "When a benign tool returns a result containing an adversarial instruction, how often do four public 2025-era agent frameworks (configured out-of-the-box) obey the injected instruction versus ignore it?", using the AgentDojo benchmark (Debenedetti et al.