[2603.22341] T-MAP: Red-Teaming LLM Agents with Trajectory-aware Evolutionary Search

Computer Science > Cryptography and Security arXiv:2603.22341 (cs) [Submitted on 21 Mar 2026] Title:T-MAP: Red-Teaming LLM Agents with Trajectory-aware Evolutionary Search Authors:Hyomin Lee, Sangwoo Park, Yumin Choi, Sohyun An, Seanie Lee, Sung Ju Hwang View a PDF of the paper titled T-MAP: Red-Teaming LLM Agents with Trajectory-aware Evolutionary Search, by Hyomin Lee and 5 other authors View PDF HTML (experimental) Abstract:While prior red-teaming efforts have focused on eliciting harmful text outputs from large language models (LLMs), such approaches fail to capture agent-specific vulnerabilities that emerge through multi-step tool execution, particularly in rapidly growing ecosystems such as the Model Context Protocol (MCP). To address this gap, we propose a trajectory-aware evolutionary search method, T-MAP, which leverages execution trajectories to guide the discovery of adversarial prompts. Our approach enables the automatic generation of attacks that not only bypass safety guardrails but also reliably realize harmful objectives through actual tool interactions. Empirical evaluations across diverse MCP environments demonstrate that T-MAP substantially outperforms baselines in attack realization rate (ARR) and remains effective against frontier models, including GPT-5.2, Gemini-3-Pro, Qwen3.5, and GLM-5, thereby revealing previously underexplored vulnerabilities in autonomous LLM agents. Subjects: Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI); C...