This week in AI papers

We keep an eye on new AI papers on arXiv, pick one or two that really matter each day, and share the key ideas — no hype, just clear explanations.

Unpacked by our trio: Alex the plain-language host, Marc the hands-on power user, and Jamie the senior ML engineer.

Hidden in Memory: Sleeper Memory Poisoning in LLM Agents

2026-05-24

Excerpt — As LLMs gain persistent memory for personalized interactions, this paper reveals a stealthy attack vector where adversaries poison memory entries that trigger harmful behaviors only after a delay. Understanding sleeper…

📝 Article 📄 PDF

MemLineage: Lineage-Guided Enforcement for LLM Agent Memory

2026-05-23

Excerpt — MemLineage proposes a novel defense combining cryptographic provenance and lineage tracking to ensure every memory entry’s origin and derivation are verifiable. This approach helps maintain useful recall while…

📝 Article 📄 PDF

AgentTrap: Measuring Runtime Trust Failures in Third-Party Agent Skills

2026-05-21

Excerpt — Third-party skills enrich LLM agents but introduce subtle security risks. AgentTrap exposes how malicious skills can disguise harmful actions within complex workflows, highlighting the need for runtime trust measurement…

📝 Article 📄 PDF

No Attack Required: Semantic Fuzzing for Specification Violations in Agent Skill

2026-05-19

Excerpt — Not all safety breaches stem from attacks. This paper uncovers how benign inputs can cause skills to violate their own safety specifications due to ambiguous guardrails. Semantic fuzzing offers a proactive way to detect…

📝 Article 📄 PDF

GraphBit: A Graph-based Agentic Framework for Non-Linear Agent Orchestration

2026-05-20

Excerpt — Prompt-based orchestration struggles with hallucinations and loops. GraphBit introduces a deterministic DAG-driven framework that explicitly defines agent workflows, improving reproducibility and control—ideal for…

📝 Article 📄 PDF

No Action Without a NOD: A Heterogeneous Multi-Agent Architecture for Reliable Service

2026-05-19

Excerpt — NOD proposes splitting roles among Navigator, Operator, and Director agents to reduce policy violations and hallucinations in long-horizon tasks. This architecture offers a promising path toward dependable AI services…

📝 Article 📄 PDF

Good to Go: The LOOP Skill Engine That Hits 99% Success and Slashes Token Usage

2026-05-21

Excerpt — LOOP skill engine tackles the cost and unpredictability of periodic tasks by combining high success rates with dramatic token savings. A practical blueprint for deploying efficient, reliable agent skills at scale. ---…

📝 Article 📄 PDF

Safety Context Injection: Inference-Time Safety Alignment via Static Filtering

2026-05-18

Excerpt — When model weights can’t be changed, inference-time interventions become essential. This paper presents static filtering techniques to inject safety context, addressing challenges like hidden harmful intent and…

📝 Article 📄 PDF

History Anchors: How Prior Behavior Steers LLM Decisions Toward Unsafe Actions

2026-05-20

Excerpt — History matters. This study shows that harmful prior actions in an agent’s log can bias future decisions toward unsafe outcomes. The HistoryAnchor-100 benchmark offers a new way to evaluate and mitigate this risk in…

📝 Article 📄 PDF