MMODELYST
Papers/PragLocker: Protecting Agent Intellectual Property in Untrusted Deployments via Non-Portable Prompts
PAP

PragLocker: Protecting Agent Intellectual Property in Untrusted Deployments via Non-Portable Prompts

May 7, 2026

arXiv
Abstract

LLM agents rely on prompts to implement task-specific capabilities based on foundation LLMs, making agent prompts valuable intellectual property. However, in untrusted deployments, adversaries can copy and reuse these prompts with other proprietary LLMs, causing economic losses. To protect these prompts, we identify four key challenges: proactivity, runtime protection, usability, and non-portability that existing approaches fail to address. We present PragLocker, a prompt protection scheme that satisfies these requirements. PragLocker constructs function-preserving obfuscated prompts by anchoring semantics with code symbols and then using target-model feedback to inject noise, yielding prompts that only work on the target LLM. Experiments across multiple agent systems, datasets, and foundation LLMs show that PragLocker substantially reduces cross-LLM portability, maintains target performance, and remains robust against adaptive attackers.

Select text to highlight · click a highlight to remove · saved in this browser only
Authors
Qinfeng Li, Yuntai Bao, Jianghui Hu, Wenqi Zhang, Jintao Chen, Huifeng Zhu, Yier Jin, Xuhong Zhang
Your notes (browser-local)
saved
arXiv:2605.05974