paperarXivTrust 82 · PrimaryPublished 4d agoLive · 3d ago
Entity Binding Failures in Tool-Augmented Agents
Tool-augmented language-model agents are often evaluated by whether they select the correct tool, produce valid API arguments, and complete the requested task. However, an agent may choose the right tool and still act on the wrong external entity. For example, a request to "email Alex about the launch" may lead the agent to contact the wrong Alex, attach the wrong launch document, reply in the wrong thread, or update the wrong customer account. We call these errors entity binding failures. This paper studies entity binding failures as a distinct reliability and safety problem in tool-augmented
Lineage graph
Paper → model → repo connections mined from source citations (Tier-1 exact match).
Implements
Covers
newsPrompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routersnewsDebugging production agents with Amazon Bedrock AgentCore ObservabilitynewsA system-level approach to prompt injection: separating instruction and data channels in LLM agents [P]
Related across the graph
newsPrompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routersnewsDebugging production agents with Amazon Bedrock AgentCore ObservabilitynewsA system-level approach to prompt injection: separating instruction and data channels in LLM agents [P]repoagent-tools
