Exploiting the Blind Spots in LLM Tabular Agents

Novel evolutionary attack strategy bypasses structural safeguards

StruPhantom introduces a sophisticated attack vector against tabular agents powered by Large Language Models, revealing serious security vulnerabilities in widely used business applications.

  • Employs an evolutionary algorithm to inject malicious payloads that navigate complex data structures
  • Achieves high success rates (up to 96%) against black-box tabular agents
  • Bypasses conventional payload restrictions by exploiting LLM reasoning patterns
  • Demonstrates critical security implications for financial, healthcare, and business intelligence applications

This research highlights urgent security concerns as organizations increasingly adopt LLM-powered tabular agents for sensitive data processing, and underscores the need for robust defenses against structural injection attacks.

StruPhantom: Evolutionary Injection Attacks on Black-Box Tabular Agents Powered by Large Language Models