Computer Science > Artificial Intelligence

[Submitted on 18 Feb 2026]

Title: AgentLAB: Benchmarking LLM Agents against Long-Horizon Attacks

Abstract: LLM agents are increasingly deployed in long-horizon, complex environments to solve challenging problems, but this expansion exposes them to long-horizon attacks that exploit multi-turn user-agent-environment interactions to achieve objectives infeasible in single-turn settings. To measure agent vulnerabilities to such risks, we present AgentLAB, the first benchmark dedicated to evaluating LLM agent susceptibility to adaptive, long-horizon attacks. Currently, AgentLAB supports five novel attack types including intent hijacking, tool chaining, task injection, objective drifting, and memory poisoning, spanning 28 realistic agentic environments, and 644 security test cases. Leveraging AgentLAB, we evaluate representative LLM agents and find that they remain highly susceptible to long-horizon attacks; moreover, defenses designed for single-turn interactions fail to reliably mitigate long-horizon threats. We anticipate that AgentLAB will serve as a valuable benchmark for tracking progress on securing LLM agents in practical settings. The benchmark is publicly available at this https URL.

Article Summaries:

  • AgentLAB: Benchmarking LLM Agents against Long‑Horizon Attacks

Researchers have released AgentLAB, the first benchmark designed to assess the vulnerability of large‑language‑model (LLM) agents to long‑horizon attacks: multi‑turn exploits that are infeasible in single‑turn settings. The benchmark includes 28 realistic agentic environments and 644 security test cases across five novel attack types: intent hijacking, tool chaining, task injection, objective drifting, and memory poisoning. Initial evaluations of representative LLM agents show they remain highly susceptible to these attacks, and defenses built for single‑turn interactions fail to mitigate long‑horizon threats. AgentLAB is publicly available and aims to track progress in securing LLM agents for practical deployments.
