Author name: Ari Azarafrooz

arXiv:2604.21131v1 Announce Type: cross
Abstract: AI-agent guardrails are memoryless: each message is judged in isolation, so an adversary who spreads a single attack across dozens of sessions slips past every session-bound detector because only the a…