Logic layer Prompt Control Injection (LPCI): A Novel Security Vulnerability Class in Agentic Systems

Hammad Atta; Ken Huang; Manish Bhatt; Kamal Ahmed; Muhammad Aziz Ul Haq; Yasir Mehmood

arXiv:2507.10457·cs.CR·August 8, 2025

Logic layer Prompt Control Injection (LPCI): A Novel Security Vulnerability Class in Agentic Systems

Hammad Atta, Ken Huang, Manish Bhatt, Kamal Ahmed, Muhammad Aziz Ul Haq, Yasir Mehmood

PDF

TL;DR

This paper identifies a new security vulnerability class in agentic systems where malicious prompts can be covertly injected into memory and tool outputs, bypassing filters and causing unauthorized actions.

Contribution

It introduces LPCI, a novel attack method exploiting logic execution layers and persistent memory to embed covert payloads in large language model systems.

Findings

01

LPCI can bypass traditional input filters.

02

Payloads can be triggered across sessions.

03

It reveals a new security risk in LLM-integrated systems.

Abstract

The integration of large language models (LLMs) into enterprise systems has introduced a new class of covert security vulnerabilities, particularly within logic execution layers and persistent memory contexts. This paper introduces Logic-layer Prompt Control Injection (LPCI), a novel category of attacks that embeds encoded, delayed, and conditionally triggered payloads within memory, vector stores, or tool outputs. These payloads can bypass conventional input filters and trigger unauthorised behaviour across sessions.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.