Problem Statement
Agentic AI systems increasingly read emails, access internal tools, and make autonomous decisions. However, they can be manipulated by trusted content into leaking privileged data or performing unauthorized actions — even when no traditional code vulnerability exists.
Current AI security solutions focus on detection or manual red teaming. There is no lightweight, autonomous system that can attack an AI agent, identify the reasoning flaw, patch it, and verify the fix automatically.
🔹 Solution
AXIOM introduces a closed-loop adversarial testing framework for Gemini-powered agents.
It:
Simulates a realistic attacker using Gemini reasoning
Exploits an indirect prompt injection vulnerability
Analyzes the agent’s decision boundary at a policy level
Generates a minimal defensive system rule
Re-attacks to verify that the fix works
The system measures security improvement using Mean Time to Exploit (MTTE).
🔹 How Gemini Is Used
AXIOM depends on Gemini for:
Multi-step adversarial reasoning (thinking mode)
Long-context attack crafting
Structured reasoning summaries
Controlled decision-boundary analysis
Gemini powers both:
The Victim Agent (OfficeManager)
The Adversarial Agent (AXIOM)
If no API key is available, the system falls back to deterministic mock responses for demo reliability
Log in or sign up for Devpost to join the conversation.