State Contamination in Memory-Augmented LLM Agents
The paper discusses the issue of state contamination in memory-augmented LLM agents. It highlights a failure mode called memory laundering, where toxic information can be compressed into memory summaries that appear safe. The authors propose a new metric to measure the hidden influence of such memory states on downstream toxicity.
- ▪Memory-augmented LLM agents rely on persistent state for long-horizon interaction.
- ▪Toxic or adversarial context can be compressed into memory summaries that evade detection.
- ▪The authors introduce the sub-threshold propagation gap (SPG) to quantify hidden influences on behavior.
Opening excerpt (first ~120 words) tap to expand
Computer Science > Artificial Intelligence arXiv:2605.16746 (cs) [Submitted on 16 May 2026] Title:State Contamination in Memory-Augmented LLM Agents Authors:Yian Wang, Agam Goyal, Yuen Chen, Hari Sundaram View a PDF of the paper titled State Contamination in Memory-Augmented LLM Agents, by Yian Wang and 3 other authors View PDF HTML (experimental) Abstract:LLM agents increasingly rely on persistent state, including transcripts, summaries, retrieved context, and memory buffers, to support long-horizon interaction. This makes safety depend not only on individual model outputs, but also on what an agent stores and later reuses.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at arXiv cs.AI.
Discussion
0 commentsMore from arXiv cs.AI
