Session
Can Your Agent Survive a Multi-Turn Attack?
You tried to jailbreak your own agent, it refused, and you called it secure. That told you almost nothing. A real attacker does not stop at one. They open innocently, escalate over several turns, back off when refused, then come at the same goal from a new angle. That patient pressure is what breaks agents. Red teaming writes those attacks for you. It reads your agent's prompt and tools, generates multi-turn attacks for the risks you care about, like leaking a stored card number or booking above a limit, runs them, and scores whether the agent held. The finding is uncomfortable: run the same setup many times and the agent defends most runs and breaches some. Security is not a pass, it is a rate you track. One clean pass is falsely reassuring; one breach is not a verdict.
Outline: • One refusal proves nothing • Generate the attacks, do not script them • Run the multi-turn campaign • Security is a distribution, not a pass • Budget red teaming like any eval
Elizabeth Fuentes Leone
Developer Advocate
San Francisco, California, United States
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top