NAAMSE: Framework for Evolutionary Security Evaluation of Agents

AI agents are increasingly deployed in production, yet their security evaluations remain bottlenecked by manual red-teaming or static benchmarks that fail to model adaptive, multi-turn adversaries. We propose NAAMSE, an evolutionary framework that reframes agent security evaluation as a feedback-driven optimization problem. Our system employs a single autonomous agent that orchestrates a lifecycle of genetic prompt mutation, hierarchical corpus exploration, and asymmetric behavioral scoring. By using model responses as a fitness signal, the framework iteratively compounds effective attack strategies while simultaneously ensuring "benign-use correctness", preventing the degenerate security of blanket refusal. Our experiments on Gemini 2.5 Flash demonstrate that evolutionary mutation systematically amplifies vulnerabilities missed by one-shot methods, with controlled ablations revealing that the synergy between exploration and targeted mutation uncovers high-severity failure modes. We show that this adaptive approach provides a more realistic and scalable assessment of agent robustness in the face of evolving threats. The code for NAAMSE is open source and available at https://github.com/HASHIRU-AI/NAAMSE.

Key Contributions

• Single-agent evolutionary framework that uses genetic prompt mutation and hierarchical corpus exploration to iteratively amplify LLM agent vulnerabilities as a feedback-driven optimization problem
• Asymmetric behavioral scoring that simultaneously measures adversarial success and benign-use correctness, preventing false security from blanket-refusal models
• Open-source implementation validated on Gemini 2.5 Flash, showing evolutionary mutation uncovers high-severity failure modes missed by one-shot static methods

🛡️ Threat Analysis

Details

Similar Papers