{"id":"https://openalex.org/W7137825607","doi":"https://doi.org/10.48550/arxiv.2603.15408","title":"TrinityGuard: A Unified Framework for Safeguarding Multi-Agent Systems","display_name":"TrinityGuard: A Unified Framework for Safeguarding Multi-Agent Systems","publication_year":2026,"publication_date":"2026-03-16","ids":{"openalex":"https://openalex.org/W7137825607","doi":"https://doi.org/10.48550/arxiv.2603.15408"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.15408","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.15408","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.15408","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5129749400","display_name":"Kai Wang","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Wang, Kai","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029889658","display_name":"B. Zeng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zeng, Biaojie","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129641864","display_name":"Zeming Wei","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wei, Zeming","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109090151","display_name":"Chang Jin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jin, Chang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129700344","display_name":"Hefeng Zhou","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhou, Hefeng","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129681726","display_name":"Xiangtian Li","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Li, Xiangtian","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129672825","display_name":"Chao Yang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yang, Chao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129700882","display_name":"Jingjing Qu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Qu, Jingjing","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129650394","display_name":"Xingcheng Xu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xu, Xingcheng","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5129663912","display_name":"Xia Hu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hu, Xia","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5129749400"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.15299999713897705,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.15299999713897705,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.1437000036239624,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.13189999759197235,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/safeguarding","display_name":"Safeguarding","score":0.5947999954223633},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5900999903678894},{"id":"https://openalex.org/keywords/abstraction","display_name":"Abstraction","score":0.4950999915599823},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4659000039100647},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.3837999999523163},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.3783000111579895}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6715999841690063},{"id":"https://openalex.org/C2776743756","wikidata":"https://www.wikidata.org/wiki/Q5097921","display_name":"Safeguarding","level":2,"score":0.5947999954223633},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5900999903678894},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.49720001220703125},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.4950999915599823},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48260000348091125},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4659000039100647},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.3837999999523163},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.3783000111579895},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.3691999912261963},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3409999907016754},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.3391999900341034},{"id":"https://openalex.org/C132835097","wikidata":"https://www.wikidata.org/wiki/Q7663745","display_name":"System safety","level":2,"score":0.32749998569488525},{"id":"https://openalex.org/C2777488183","wikidata":"https://www.wikidata.org/wiki/Q6900510","display_name":"Safety monitoring","level":2,"score":0.31369999051094055},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.313400000333786},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.3059000074863434},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.296999990940094},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.2596000134944916}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.15408","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.15408","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.15408","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.15408","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Partnerships for the goals","id":"https://metadata.un.org/sdg/17","score":0.42286232113838196}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"With":[0],"the":[1,33,63,187,209],"rapid":[2],"development":[3],"of":[4,191],"LLM-based":[5,59],"multi-agent":[6],"systems":[7],"(MAS),":[8],"their":[9,215],"significant":[10],"safety":[11,53,174,216],"and":[12,55,85,96,159,167,176,189,202,217],"security":[13],"concerns":[14],"have":[15],"emerged,":[16],"which":[17],"introduce":[18,49],"novel":[19],"risks":[20,205],"going":[21],"beyond":[22],"single":[23],"agents":[24,128,154],"or":[25],"LLMs.":[26],"Despite":[27],"attempts":[28],"to":[29,114,143],"address":[30],"these":[31,173],"issues,":[32],"existing":[34],"literature":[35],"lacks":[36],"a":[37,51,69,102,131,197],"cohesive":[38],"safeguarding":[39],"system":[40],"specialized":[41],"for":[42,58,90,148,200,211],"MAS":[43,94,107,116,184],"risks.":[44],"In":[45],"this":[46],"work,":[47],"we":[48],"TrinityGuard,":[50],"comprehensive":[52,198],"evaluation":[54,119,166],"monitoring":[56,203],"framework":[57,199],"MAS,":[60,207],"grounded":[61],"in":[62,101,206],"OWASP":[64],"standards.":[65],"Specifically,":[66],"TrinityGuard":[67,98,138,194],"encompasses":[68],"three-tier":[70],"fine-grained":[71],"risk":[72,77,150],"taxonomy":[73],"that":[74,110],"identifies":[75],"20":[76],"types,":[78],"covering":[79],"single-agent":[80],"vulnerabilities,":[81],"inter-agent":[82],"communication":[83],"threats,":[84],"system-level":[86],"emergent":[87],"hazards.":[88],"Designed":[89],"scalability":[91],"across":[92,181],"various":[93,182,204],"structures":[95],"platforms,":[97],"is":[99],"organized":[100],"trinity":[103],"manner,":[104],"involving":[105],"an":[106,118],"abstraction":[108],"layer":[109,120],"can":[111],"be":[112],"adapted":[113],"any":[115],"structures,":[117],"containing":[121],"risk-specific":[122],"test":[123],"modules,":[124],"alongside":[125],"runtime":[126,168],"monitor":[127,153],"coordinated":[129],"by":[130],"unified":[132],"LLM":[133],"Judge":[134],"Factory.":[135],"During":[136],"Evaluation,":[137],"executes":[139],"curated":[140],"attack":[141],"probes":[142],"generate":[144],"detailed":[145,178],"vulnerability":[146],"reports":[147],"each":[149],"type,":[151],"where":[152],"analyze":[155],"structured":[156],"execution":[157],"traces":[158],"issue":[160],"real-time":[161],"alerts,":[162],"enabling":[163],"both":[164],"pre-development":[165],"monitoring.":[169],"We":[170],"further":[171,212],"formalize":[172],"metrics":[175],"present":[177],"case":[179],"studies":[180],"representative":[183],"examples,":[185],"showcasing":[186],"versatility":[188],"reliability":[190],"TrinityGuard.":[192],"Overall,":[193],"acts":[195],"as":[196],"evaluating":[201],"paving":[208],"way":[210],"research":[213],"into":[214],"security.":[218]},"counts_by_year":[],"updated_date":"2026-03-18T06:31:55.123368","created_date":"2026-03-18T00:00:00"}