Frostfire Labs is an independent research lab. We conduct vulnerability research and exploit development against agent frameworks, model context protocols, retrieval pipelines, and multimodal ingestion pipelines.
Each finding is built into a working exploit.
Our research investigates self-propagating prompts in AI agent systems, a new class of attack termed “LLM worms.”
Adversarial payloads embedded in Model Context Protocol tool descriptions and responses, propagating to downstream agents that connect to the same server.
Adversarial instructions encoded in images, PDFs, and audio that multimodal models parse as commands.
Inter-agent propagation through message passing and shared state in LangGraph, AutoGen, and CrewAI agent meshes.
Poisoned embeddings planted in retrieval-augmented generation (RAG) indexes that resurface on every matching query.