# function-calling

40 articlestagged with “function-calling”

Forced Function Calling Attacks

Forcing models to call specific functions through crafted inputs that override intended tool selection.

agentic-exploitationfunction-callingforcedattacks

Intermediate

Function Calling Context Injection

Injecting adversarial content through function call results that influences subsequent model reasoning.

function-callingcontext-injectionpoisoning

Intermediate

Function Calling Data Exfiltration

Using function calls as data exfiltration channels to extract information from constrained environments.

agentic-exploitationfunction-callingexfiltrationdata

Intermediate

Function Calling Error Exploitation

Leveraging error handling paths in function calling implementations to leak information or bypass controls.

function-callingerrorsexploitation

Intermediate

Function Calling Race Conditions

Exploiting timing and ordering vulnerabilities in parallel and sequential function call execution.

function-callingrace-conditionstiming

Advanced

Default Parameter Abuse in Function Calling

Manipulating default parameter values and optional fields to achieve unintended function behavior.

function-callingparametersdefaults

Intermediate

Function Result Poisoning

Poisoning function call results to inject instructions back into the model's reasoning chain.

agentic-exploitationfunction-callingresultpoisoning

Intermediate

Function Schema Injection

Injecting malicious instructions through function parameter descriptions and schema definitions.

agentic-exploitationfunction-callingschemainjection

Intermediate

Function Type Confusion Attacks

Exploiting type system weaknesses in function calling interfaces to trigger unexpected behavior through type confusion.

function-callingtype-confusionexploitation

Advanced

Function Calling Exploitation

Overview of how LLM function/tool calling works, the attack surface it creates, and systematic approaches to exploiting function calling interfaces in AI systems.

function-callingtool-useagentsexploitationapi-security

Intermediate

Parallel Function Call Exploitation

Exploiting parallel function calling to create race conditions and bypass sequential validation.

agentic-exploitationfunction-callingparallelexploitation

Advanced

Parameter Manipulation

Techniques for crafting malicious parameter values in LLM function calls, including type confusion, boundary violations, injection through parameters, and exploiting weak validation.

parameter-manipulationfunction-callingtype-confusioninjectionexploitation

Advanced

Recursive Function Calling

Techniques for triggering infinite loops, resource exhaustion, and call chain manipulation in LLM function calling systems through recursive and repeated invocations.

recursive-callsfunction-callingresource-exhaustiondenial-of-servicecall-chains

Advanced

Function Result Poisoning (Agentic Exploitation)

Techniques for manipulating function return values to influence LLM behavior, inject instructions via tool results, and chain poisoned results into multi-step exploitation.

result-poisoningfunction-callingindirect-injectiontool-resultsexploitation

Advanced

JSON Schema Injection

Techniques for manipulating function definitions and JSON schemas to alter LLM behavior, inject additional parameters, and exploit schema validation gaps in tool calling systems.

schema-injectionfunction-callingjson-schematool-useexploitation

Advanced

Function Calling Chain Confusion

Confuse multi-step function calling chains to skip validation steps and execute unintended operation sequences.

agentic-exploitationfunction-callingchain-confusionorchestration

Advanced

Function Calling Race Conditions (Agentic Exploitation)

Exploit race conditions in parallel function calling to bypass sequential validation and authorization checks.

agentic-exploitationfunction-callingrace-conditionsparallel

Advanced

Function Hallucination Exploitation

Exploit model tendency to hallucinate function calls to non-existent APIs for information disclosure.

agentic-exploitationfunction-callinghallucinationexploitation

Intermediate

Function Parameter Injection Deep Dive

Advanced techniques for injecting adversarial content through function calling parameter values and defaults.

agentic-exploitationfunction-callingparameter-injectiondeep-dive

Intermediate

Tool Selection Manipulation

Manipulate model tool selection decisions through crafted prompts that bias toward attacker-preferred functions.

agentic-exploitationfunction-callingtool-selectionmanipulation

Intermediate

Agentic Exploitation

Comprehensive coverage of security vulnerabilities in agentic AI systems, including MCP tool exploitation, multi-agent protocol attacks, function calling abuse, memory system compromise, framework-specific weaknesses, and workflow pattern attacks.

agenticagentsmcpfunction-callingmulti-agenta2atool-exploitation

Beginner

Agentic Exploitation Assessment (Assessment)

Test your knowledge of agentic AI attacks, MCP exploitation, function calling abuse, and multi-agent system vulnerabilities with 15 intermediate-level questions.

assessmentagenticmcpfunction-callingtool-use

Intermediate

Function Calling Security Assessment

Assessment focused on JSON schema injection, parameter manipulation, recursive calling, and result poisoning attacks.

assessmentfunction-callingagentic

Intermediate

Skill Verification: Function Calling Attacks

Skill verification for schema injection, parameter manipulation, and result poisoning techniques.

skill-verificationfunction-callingagentic

Intermediate

Secure Function Calling Design

Designing secure function calling interfaces that prevent unauthorized tool use and data exfiltration.

defensefunction-callingsecure-designagent

Intermediate

Function Calling Authorization Framework

Building fine-grained authorization frameworks for function calling that enforce capability-based security.

defensefunction-callingauthorizationframework

Advanced

Integration & Webhook Security

Methodology for exploiting SSRF through LLM tools, webhook hijacking, insecure function dispatch, output parsing vulnerabilities, OAuth/API key management flaws, and MCP server security in AI pipelines.

ssrfwebhooksfunction-callingmcpoauthapi-securityllm-integrationstool-use

Advanced

Function Calling Fortress Breach

Bypass function calling restrictions to invoke unauthorized tools and extract a flag from a sandboxed agent.

labsctffunction-callingfortress

Advanced

Lab: Advanced Function Calling Exploitation

Exploit advanced function calling patterns including nested calls, parallel execution, and schema manipulation.

labsfunction-callingadvancedintermediate

Intermediate

Lab: Function Calling & Tool Use Abuse

Hands-on lab exploring how attackers can manipulate LLM function calling and tool use to execute unauthorized actions, exfiltrate data, and chain tool calls for maximum impact.

labfunction-callingtool-use

Intermediate

Lab: Function Calling Injection

Hands-on lab for exploiting function calling mechanisms by crafting inputs that manipulate which functions get called and with what parameters.

labfunction-callinginjectionagentsagentic-attacks

Intermediate

GPT-4 Attack Surface

Comprehensive analysis of GPT-4-specific attack vectors including function calling exploitation, vision input attacks, system message hierarchy abuse, structured output manipulation, and known jailbreak patterns.

gpt-4attack-surfacefunction-callingvision-attacksjailbreakstructured-outputs

Advanced

Injection via Function Calling

Exploiting function calling and tool-use interfaces to inject adversarial instructions through structured tool inputs and outputs.

prompt-injectionfunction-callingtool-useindirect

Advanced

Function Calling Exploitation Guide

Complete walkthrough of exploiting function calling in OpenAI, Anthropic, and Google AI APIs.

walkthroughsfunction-callingexploitationagent

Intermediate

Function Calling Parameter Injection

Walkthrough of manipulating function call parameters through prompt-level techniques, injecting malicious values into LLM-generated API calls.

function-callingparameter-injectionapi-securityagent-securitywalkthrough

Intermediate

Tool Call Injection

Step-by-step walkthrough of injecting malicious parameters into LLM tool and function calls to execute unauthorized actions in agent systems.

tool-callingfunction-callinginjectionagent-securitywalkthrough

Intermediate

Tool Use Confusion Attack Walkthrough

Walkthrough of confusing model tool-use decisions to invoke unintended functions or skip safety-critical tools.

walkthroughstool-useconfusionfunction-calling

Intermediate

Function Calling Guardrails Implementation

Implement guardrails for function calling that validate tool selection, parameters, and execution scope.

walkthroughsdefensefunction-callingguardrails

Intermediate

Agent System Red Team Engagement

Complete walkthrough for testing tool-using AI agents: scoping agent capabilities, exploiting function calling, testing permission boundaries, multi-step attack chains, and session manipulation.

agentengagementfunction-callingtool-abusepermission-escalationwalkthrough

Advanced

Together AI Security Testing

End-to-end walkthrough for security testing Together AI deployments: API enumeration, inference endpoint exploitation, fine-tuning security review, function calling assessment, and rate limit analysis.

together-aiapi-testinginferencefine-tuningfunction-callingwalkthrough

Intermediate