View PDF ↗
PDF Viewer
Open Full PDF

BUILDER'S SANDBOX

Build This Paper

Use an AI coding agent to implement this research.

OpenAI Codex
OpenAI CodexAI Agent

Lightweight coding agent in your terminal.

Claude Code
Claude CodeAI Agent

Agentic coding tool for terminal workflows.

AntiGravity IDE
AntiGravity IDEScaffolding

AI agent mindset installer and workflow scaffolder.

Cursor
CursorIDE

AI-first code editor built on VS Code.

VS Code
VS CodeIDE

Free, open-source editor by Microsoft.

Estimated $10K - $14K over 6-10 weeks.

See exactly what it costs to build this -- with 3 comparable funded startups.

7-day free trial. Cancel anytime.

Discover the researchers behind this paper and find similar experts.

7-day free trial. Cancel anytime.

References (27)

[1]
Qwen3Guard Technical Report
2025Hai Zhao, Chenhan Yuan et al.
[2]
Indirect Prompt Injections: Are Firewalls All You Need, or Stronger Benchmarks?
2025Rishika Bhagwatkar, Kevin Kasa et al.
[3]
MiniCPM-V 4.5: Cooking Efficient MLLMs via Architecture, Data, and Training Recipe
2025Tianyu Yu, Zefan Wang et al.
[4]
Automating Steering for Safe Multimodal Large Language Models
2025Lyucheng Wu, Mengru Wang et al.
[5]
Qwen3 Technical Report
2025An Yang, Anfeng Li et al.
[6]
Adaptive Attacks Break Defenses Against Indirect Prompt Injection Attacks on LLM Agents
2025Qiusi Zhan, Richard Fang et al.
[7]
MELON: Provable Defense Against Indirect Prompt Injection Attacks in AI Agents
2025Kaijie Zhu, Xianjun Yang et al.
[8]
Induction Heads as an Essential Mechanism for Pattern Matching in In-context Learning
2025J. Crosbie, E. Shutova
[9]
Attention Tracker: Detecting Prompt Injection Attacks in LLMs
2024Kuo-Han Hung, Ching-Yun Ko et al.
[10]
Anyattack: Towards Large-scale Self-supervised Adversarial Attacks on Vision-language Models
2024Jiaming Zhang, Junhong Ye et al.
[11]
SecAlign: Defending Against Prompt Injection with Preference Optimization
2024Sizhe Chen, Arman Zharmagambetov et al.
[12]
Controllable Text Generation for Large Language Models: A Survey
2024Xun Liang, Hanyu Wang et al.
[13]
Lookback Lens: Detecting and Mitigating Contextual Hallucinations in Large Language Models Using Only Attention Maps
2024Yung-Sung Chuang, Linlu Qiu et al.
[14]
Dissecting Adversarial Robustness of Multimodal LM Agents
2024Chen Henry Wu, Jing Yu Koh et al.
[15]
Refusal in Language Models Is Mediated by a Single Direction
2024Andy Arditi, Oscar Obeso et al.
[16]
Goal-Guided Generative Prompt Injection Attack on Large Language Models
2024Chong Zhang, Mingyu Jin et al.
[17]
Intern VL: Scaling up Vision Foundation Models and Aligning for Generic Visual-Linguistic Tasks
2023Zhe Chen, Jiannan Wu et al.
[18]
Successor Heads: Recurring, Interpretable Attention Heads In The Wild
2023Rhys Gould, Euan Ong et al.
[19]
Tell Your Model Where to Attend: Post-hoc Attention Steering for LLMs
2023Qingru Zhang, Chandan Singh et al.
[20]
Function Vectors in Large Language Models
2023Eric Todd, Millicent Li et al.

Showing 20 of 27 references

Founder's Pitch

"ICON offers a framework for defending LLM agents from indirect prompt injection attacks by using inference-time corrections to ensure security without compromising task continuity."

AI SecurityScore: 7View PDF ↗

Commercial Viability Breakdown

0-10 scale

High Potential

1/4 signals

2.5

Quick Build

4/4 signals

10

Series A Potential

1/4 signals

2.5

Sources used for this analysis

arXiv Paper

Full-text PDF analysis of the research paper

GitHub Repository

Code availability, stars, and contributor activity

Citation Network

Semantic Scholar citations and co-citation patterns

Community Predictions

Crowd-sourced unicorn probability assessments

Analysis model: GPT-4o · Last scored: 2/24/2026

Explore the full citation network and related research.

7-day free trial. Cancel anytime.

Understand the commercial significance and market impact.

7-day free trial. Cancel anytime.

Get detailed profiles of the research team.

7-day free trial. Cancel anytime.