AHA: Automated Red-Teaming Framework Uncovers Reusable Vulnerabilities in Production LLM Agents
Jul 14, 2026
A new preprint introduces AHA, an automated red-teaming system designed to discover and formalize reusable vulnerability knowledge in production LLM agents such as Claude Code and Codex. AHA iteratively proposes vulnerability hypotheses, constructs falsifiers, and builds a Vulnerability Concept Graph (VCG) that links attack surfaces to unsafe agent behaviors. In experiments, the VCG outperformed the strongest frozen discovery baseline by 14.2 percentage points and demonstrated transferability across models and attack scenarios. The VCG serves as an auditable artifact for safety teams to inspect, validate, and patch vulnerabilities.
Why it matters: This work advances scalable and reusable safety testing for production LLM agents, helping safety teams keep pace with evolving threats and models.
Full story at: arXiv Cryptography and Security ↗