Time-of-Check Time-of-Use Attacks Against LLMs
ID: 8ffda92a-4cb3-5d61-92fc-93998c6b4e8f
STIX ID: report--8ffda92a-4cb3-5d61-92fc-93998c6b4e8f
Feed Name: Schneier on Security
This post summarizes research that identifies and evaluates Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities in LLM-enabled agents, introducing TOCTOU-Bench (66 realistic user tasks) to measure susceptibility. The study adapts detection and mitigation techniques—prompt rewriting, state integrity monitoring, and tool-fusing—and reports up to 25% automated detection accuracy, a 3% reduction in vulnerable plan generation, a 95% reduction in the attack window, and a decrease in executed-trajectory TOCTOU vulnerabilities from 12% to 8% when combining defenses.
