arXiv: Who Pays the Price? Stakeholder-Centric Prompt Injection Benchmarking for Real-world Web Agents

This paper, published on arXiv, introduces a new benchmarking framework called "Who Pays the Price?" designed to evaluate how real-world web agents—AI systems that interact with websites and online services—handle prompt injection attacks. Prompt injection occurs when malicious inputs trick an AI into overriding its intended instructions, potentially causing unauthorized actions or data exposure. The framework shifts focus from technical performance to stakeholder impact, measuring who bears the cost of such vulnerabilities, including users, service providers, and third parties.

The findings directly affect organizations deploying or integrating autonomous AI agents in sectors like e-commerce, finance, customer service, and healthcare, where web-based interactions are common. Compliance teams in these sectors must recognize that current safety testing may overlook real-world attack vectors that could lead to regulatory breaches under frameworks like the EU AI Act, particularly regarding transparency, robustness, and user protection.

As a next step, compliance teams should review their AI risk assessment processes to ensure they include stakeholder-centric testing for prompt injection, not just technical accuracy. They should also update internal validation protocols to simulate real-world web agent scenarios and document how their systems mitigate harm to end users. Engaging with this benchmarking methodology can help demonstrate proactive alignment with emerging AI safety standards and regulatory expectations for trustworthy AI.