[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-defense-training-makes-llm-agents-worse-at-both-jobs":10,"sections":34},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":22,"persona_id":22,"persona_name":22,"section":24,"tags":25,"sources":29,"feedback":33,"feedback_at":22,"cost_usd":33,"total_tokens":33},1804,"defense-training-makes-llm-agents-worse-at-both-jobs","Defense Training Makes LLM Agents Worse at Both Jobs","A new study finds that training AI agents to resist prompt injection causes them to time out on 99% of tasks while still failing against real attacks.","Teaching an AI agent to resist manipulation apparently also teaches it to stop working.\n\nResearchers tested defense-trained large language models against undefended baselines across 97 agent tasks and 1,000 adversarial prompts. The results were damaging in both directions. Defended models refused or generated invalid actions on ordinary, benign tasks — before encountering any external content at all. Early failures then cascaded through retry loops, causing defended models to time out on 99% of tasks, compared to 13% for undefended baselines. Meanwhile, straightforward attacks still bypassed the defenses at high rates.\n\nThe paper calls this a \"capability-alignment paradox,\" and the framing earns its weight. The security and capability problems turn out to be linked at the root: models overfit to surface-level attack patterns rather than learning to understand semantic threats, so they flinch at the wrong stimuli and miss the real ones. That failure mode is not just an embarrassment — it means deploying a defended agent can leave you with a system that is less safe and less useful than the one you replaced.\n\nThe finding lands at an awkward moment for the AI industry, which has been selling \"safe by design\" as a viable product category. If the standard defense paradigm optimizes for single-turn refusal benchmarks while breaking multi-step tool use entirely, the benchmarks are the problem — and so is any product claim built on top of them.","[\"ai\",\"security\",\"llm\",\"agents\"]","2026-06-19T04:00:00.000Z","2026-06-19T12:18:17.225Z","2026-06-19T14:22:19.681Z","published",null,[],"ai",[24,26,27,28],"security","llm","agents",[30],{"name":31,"url":32},"arXiv cs.AI","https:\u002F\u002Farxiv.org\u002Fabs\u002F2603.19423",0,{"sections":35},[36,40,43,48,53,58,63,67,71,76,81,86,91,96],{"name":37,"slug":24,"count":38,"latest_published_at":39},"AI",491,"2026-06-19T14:59:11.000Z",{"name":41,"slug":26,"count":42,"latest_published_at":18},"Security",132,{"name":44,"slug":45,"count":46,"latest_published_at":47},"Policy","policy",88,"2026-06-16T09:26:09.000Z",{"name":49,"slug":50,"count":51,"latest_published_at":52},"Consumer Tech","consumer-tech",78,"2026-06-16T17:58:24.000Z",{"name":54,"slug":55,"count":56,"latest_published_at":57},"Hardware","hardware",62,"2026-06-18T15:24:16.000Z",{"name":59,"slug":60,"count":61,"latest_published_at":62},"Deals","deals",58,"2026-06-19T14:43:50.000Z",{"name":64,"slug":65,"count":61,"latest_published_at":66},"Software","software","2026-06-16T20:00:00.000Z",{"name":68,"slug":69,"count":70,"latest_published_at":18},"Dev Tools","dev-tools",50,{"name":72,"slug":73,"count":74,"latest_published_at":75},"Science","science",38,"2026-06-18T04:00:00.000Z",{"name":77,"slug":78,"count":79,"latest_published_at":80},"Gaming","gaming",31,"2026-06-16T15:25:13.000Z",{"name":82,"slug":83,"count":84,"latest_published_at":85},"General","general",26,"2026-06-13T18:35:15.000Z",{"name":87,"slug":88,"count":89,"latest_published_at":90},"Startups","startups",23,"2026-06-16T15:00:00.000Z",{"name":92,"slug":93,"count":94,"latest_published_at":95},"Reviews","reviews",19,"2026-06-14T08:00:00.000Z",{"name":97,"slug":98,"count":99,"latest_published_at":100},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]