Agent-Native Immune System: Architecture, Taxonomy, and Engineering
Quick Answer
This paper shows that The Agent-Native Immune System (ANIS) introduces a biologically inspired defense architecture for autonomous agents, integrating a six-layer Immune Tower and a taxonomy of Agent Viruses and Vaccines.
Quick Take
The Agent-Native Immune System (ANIS) introduces a biologically inspired defense architecture for autonomous agents, integrating a six-layer Immune Tower and a taxonomy of Agent Viruses and Vaccines. It enhances runtime security against memory poisoning and tool-chain manipulation, promoting Continual Immune Learning (CIL) for dynamic threat adaptation.
Key Points
- ANIS features a six-layer Immune Tower, enhancing agent security.
- Introduces Barrier Immunity as a non-cognitive isolation layer.
- Establishes a taxonomy for Agent Viruses and Vaccines.
- Promotes Continual Immune Learning for dynamic threat adaptation.
- Addresses runtime vulnerabilities in autonomous agents.
Paper Resources
Article Content
From source RSS / original summaryarXiv:2606. 28270v1 Announce Type: new Abstract: The transition from static chat bots to autonomous agents--equipped with persistent memory, protocols, and collaboration--has fundamentally expanded the AI threat landscape. Current defense mechanisms, such as perimeter security and training-time alignment, remain external to the agent's active reasoning loop.
Consequently, they fall short: a fully aligned agent remains highly vulnerable to runtime hijacking via memory poisoning, tool-chain manipulation, or multi-agent protocol attacks. To address this critical gap, we introduce the Agent-Native Immune System (ANIS), the first biologically inspired, endogenous defense architecture embedded directly within the agent's cognitive loop. Our framework presents four primary contributions.
First, we design a six-layer Immune Tower (L0-L5), distinctly incorporating Barrier Immunity (L1) as a non-cognitive, physical-and-logical isolation layer. Second, we establish a unified taxonomy of Agent Viruses and Agent Vaccines, formalizing the critical distinction between superficial non-parametric defenses and robust parametric vaccines.
Third, we conceptualize the Harness Triad--Meta, Self, and Auto--a self-monitoring, meta-cognitive automation backbone that drives Continual Immune Learning (CIL), enabling vaccines to dynamically adapt to novel threats. Finally, we establish a rigorous theoretical demarcation between model alignment and agent immunity: while alignment provides a static "constitutional" value foundation during training, ANIS serves as the dynamic "law enforcement" mechanism during runtime.
We conclude by framing open challenges for the field, including immune protocol standardization, novel evaluation metrics such as the Autoimmunity Rate (false-positive intervention rate), and the co-evolutionary dynamics between pathogens and vaccines within collective intelligence ecosystems.
Want this in your inbox every morning?
Daily brief at your local 8am — bilingual EN/中文, free.
More from arXiv cs.AI
See more →The Verification Horizon: No Silver Bullet for Coding Agent Rewards
As coding agents evolve, verifying solutions becomes more challenging than generating them, necessitating a focus on scalable, faithful, and robust verification methods. The study reveals that no fixed reward function can sustain effectiveness as model capabilities advance, emphasizing the need for verification to evolve alongside solution generation.