View a PDF of the paper titled MalURLBench: A Benchmark Evaluating Agents’ Vulnerabilities When Processing Web URLs, by Dezhang Kong and 10 other authors
View PDF
HTML (experimental)
Abstract:LLM-based web agents have become increasingly popular for their utility in daily life and work. However, they exhibit critical vulnerabilities when processing malicious URLs: accepting a disguised malicious URL enables subsequent access to unsafe webpages, which can cause severe damage to service providers and users. Despite this risk, no benchmark currently targets this emerging threat. To address this gap, we propose MalURLBench, the first benchmark for evaluating LLMs’ vulnerabilities to malicious URLs. MalURLBench contains 61,845 attack instances spanning 10 real-world scenarios and 7 categories of real malicious websites. Experiments with 12 popular LLMs reveal that existing models struggle to detect elaborately disguised malicious URLs. We further identify and analyze key factors that impact attack success rates and propose URLGuard, a lightweight defense module. We believe this work will provide a foundational resource for advancing the security of web agents. Our code is available at this https URL.
Submission history
From: Dezhang Kong [view email]
[v1]
Mon, 26 Jan 2026 03:58:10 UTC (600 KB)
[v2]
Fri, 30 Jan 2026 14:10:06 UTC (600 KB)
[v3]
Fri, 13 Mar 2026 04:12:36 UTC (600 KB)
