SECGPT: An Execution Isolation Architecture for LLM-Based Systems

8 Mar 2024 | Yuhao Wu, Franziska Roesner†, Tadayoshi Kohno†, Ning Zhang, Umar Iqbal
The paper "SECGPT: An Execution Isolation Architecture for LLM-Based Systems" addresses the security and privacy risks that third-party applications introduce into large language model (LLM) systems. The authors propose SECGPT, an architecture that isolates the execution of apps and mediates their interactions outside their isolated environments, reducing the attack surface and protecting against security, privacy, and safety issues. SECGPT's key components are a central hub that manages user queries and routes them to the appropriate apps, a dedicated LLM for each app, and an inter-spoke communication (ISC) protocol for secure collaboration between apps. The evaluation shows that SECGPT mitigates these risks without a significant performance impact, with an overhead of under 0.3× for three-quarters of the tested queries. The paper also discusses the motivation behind SECGPT, the system model, attacker capabilities, and the threat model, giving a comprehensive overview of the proposed architecture and its implementation.
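A toy Python model of the hub-and-spoke isolation summarised above, added here as an illustration and not code from the paper or its authors: spokes keep private state and can only reach each other through a hub-mediated ISC request that is checked against user-granted permissions and logged. The keyword-based routing, the (src, dst) permission set, the message strings and the booking scenario are assumptions of this example, not the paper's protocol.

```python
from dataclasses import dataclass, field

@dataclass
class Spoke:
    """One isolated app: private memory and no reference to any other spoke."""
    name: str
    keywords: tuple
    memory: list = field(default_factory=list)

    def handle(self, query: str, hub: "Hub") -> str:
        self.memory.append(query)
        # A spoke cannot call another spoke; it can only ask the hub to
        # forward a request, and the hub decides whether that is allowed.
        if self.name == "travel" and "book" in query:
            return hub.isc_request(self.name, "calendar", f"hold date for: {query}")
        return f"{self.name} handled: {query}"

class Hub:
    def __init__(self) -> None:
        self.spokes: dict = {}
        self.permissions: set = set()  # (src, dst) pairs the user approved (assumed model)
        self.audit: list = []          # every ISC attempt, allowed or denied

    def register(self, spoke: Spoke) -> None:
        self.spokes[spoke.name] = spoke

    def grant(self, src: str, dst: str) -> None:
        self.permissions.add((src, dst))

    def route(self, query: str) -> str:
        # Stand-in for the hub LLM's intent routing: first spoke with a keyword hit.
        for spoke in self.spokes.values():
            if any(k in query for k in spoke.keywords):
                return spoke.handle(query, self)
        return "hub: no app selected"

    def isc_request(self, src: str, dst: str, payload: str) -> str:
        self.audit.append((src, dst, payload))
        if (src, dst) not in self.permissions:
            return f"hub: {src} -> {dst} denied (no user permission)"
        return self.spokes[dst].handle(payload, self)

def demo(grant: bool) -> tuple:
    """Constructed scenario: the travel app needs the calendar app to finish a booking."""
    hub = Hub()
    hub.register(Spoke("travel", ("flight", "hotel")))
    hub.register(Spoke("calendar", ("meeting",)))
    if grant:
        hub.grant("travel", "calendar")
    return hub.route("book a flight to Oslo"), hub
```

Without a grant the calendar spoke never sees the request, yet the attempt is still recorded in the hub's audit log, which is the detection hook a deployment would monitor.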