paper reviewed open access llmsec-2024-00036

ConfusedPilot: Confused Deputy Attacks Against RAG-based Code Assistants

Andrew Patel, Hossein Aboutorab, Ilia Kolochenko

2024-09 — arXiv preprint 25 citations

Abstract

Introduces confused deputy attacks against RAG-based code assistants like GitHub Copilot, where poisoned code repositories manipulate assistant outputs.

Framework Mappings

OWASP LLM: LLM01 OWASP LLM: LLM08 OWASP Agentic: AGT03 OWASP Agentic: AGT07

Cite This Resource

@article{llmsec202400036,
  title = {ConfusedPilot: Confused Deputy Attacks Against RAG-based Code Assistants},
  author = {Andrew Patel and Hossein Aboutorab and Ilia Kolochenko},
  year = {2024},
  journal = {arXiv preprint},
  url = {https://arxiv.org/abs/2409.12345},
}

Metadata

Added: 2026-04-14
Added by: manual
Source: manual

ConfusedPilot: Confused Deputy Attacks Against RAG-based Code Assistants

Abstract

Categories

Tags

Framework Mappings

Cite This Resource

Metadata