Proteus Framework Measures Adaptive Leakage in LLM Agent Skills

A recent study has unveiled Proteus, a framework for red-team operations that evolves autonomously, aimed at evaluating adaptive leakage within LLM agent capabilities. These agent skills enhance LLMs by incorporating reusable instructions, tool interfaces, and executable code, with users frequently adopting third-party skills from various marketplaces and repositories. The authors contend that assessing deployment risks cannot rely solely on one-time audits or prompt-level red teams, as attackers can modify skills iteratively based on feedback received during audits and runtime. Proteus establishes a five-dimensional skill-attack framework and employs a comprehensive audit-sandbox-oracle pipeline for candidate evaluation, yielding structured insights to inform skill mutations. This framework mitigates the risk posed by budget-conscious attackers who can adjust a skill until it successfully passes audits and inflicts verified runtime damage. The research is accessible on arXiv with the identifier 2605.11891.