Official repository for “Propagating Unsafe Actions in LLM-Controlled Multi-Robot Collaboration via Single Robot Compromise”.
InfectBot studies a security risk in LLM-controlled multi-robot systems: when an adversary compromises only one entry robot, unsafe intent may propagate through inter-robot communication and trigger system-level failures.
Note
Code, simulation environments, evaluation scripts, and documentation are coming soon.
This project provides a framework for evaluating adversarial propagation in embodied multi-robot collaboration. We focus on three representative scenarios:
- Warehouse Patrol: dereliction-of-duty and boundary violation risks.
- Hospital Privacy: privacy-sensitive sensing and unauthorized camera activation.
- Formation Escort: public-safety risks in coordinated escort missions.
The evaluation measures three key propagation indicators:
- Obedience: whether the entry robot deviates from safety constraints.
- Infectiousness: whether unsafe influence propagates through robot-to-robot messages.
- Stealthiness: how small the attacker-side interaction footprint remains.
- Source code for InfectBot
- Isaac Sim / ROS2 experiment setup
- Scenario configurations
- Evaluation scripts and metrics
- Reproduction instructions