Telecom
Telecom carrier environment for plan changes, billing inquiries, and SIM operations — with adversaries hiding directives in messages, status alerts, and account notes.
Domain overview
Telecommunication service systems are widely used to support subscriber-facing operations such as account management, billing, outage handling, order fulfillment, technician scheduling, and customer support. Modern telecom platforms increasingly integrate AI agents to automate tasks including customer lookup, support-ticket handling, plan and order updates, service notifications, appointment coordination, and forum-based assistance.
These agents typically operate with access to highly sensitive subscriber data (e.g., phone numbers, service addresses, billing records, device and line information) and can execute high-impact operational actions (e.g., modifying accounts, issuing credits or refunds, changing service configurations, scheduling technician visits, or sending customer-facing communications). Because these systems sit at the intersection of customer support, financial workflows, and operational service management, failures in security enforcement can expose organizations to severe risks including privacy violations, fraud, account takeover, billing manipulation, operational disruption, and regulatory non-compliance.
We first design a comprehensive set of benign tasks for telecom service agents, covering 11 representative categories commonly encountered in real-world customer service workflows. Based on carrier privacy and service policies, as well as broader telecom security and compliance frameworks including 3GPP, O-RAN, NIST, and FCC guidance, we derive a set of 8 key security risk categories, instantiated into 11 concrete evaluation labels. Guided by these risks, we construct red-teaming tasks with malicious goals under two primary threat models to systematically evaluate the security robustness of telecom agents.
Benign task categories
Billing & Service Management
Handles billing inquiries, payment status checks, plan charges, invoice-related operations, and service-level changes tied to customer accounts
Customer Lookup
Retrieves subscriber records and verifies customer information such as account ownership, line status, plan details, and linked services
Account Service
Manages account-level changes such as updating service settings, modifying permissions, handling line-level actions, and maintaining account state
Support Ticket
Creates, updates, escalates, resolves, and audits support tickets and internal case records for customer issues
Outage Management
Tracks service outages, checks incident status, communicates restoration timelines, and coordinates operational responses to service disruptions
Orders & Provisioning
Supports device or service orders, subscription changes, activation workflows, and fulfillment-related coordination
Calendar & Scheduling
Schedules appointments, follow-up calls, service callbacks, and other calendar-based customer interactions
Notifications & Messaging
Automates outbound notifications such as service alerts, billing reminders, appointment confirmations, and customer-facing updates
Technician Visit Coordination
Arranges, reschedules, or cancels field technician visits and communicates visit-related logistics to customers
Comprehensive Multi-step Service Workflows
Executes long-horizon tasks that require coordinating multiple tools and systems across billing, account management, scheduling, and communications
Telecom Forum & Knowledge Assistance
Interacts with forum-style or knowledge-sharing environments to answer service questions, summarize issue patterns, and assist customer support workflows
Policy & risk framework
Domain policies
We consider a set of domain-specific telecom policies and service rules governing customer support, subscriber data handling, billing, fraud prevention, and operational actions. These include carrier-facing privacy and service policies such as the T-Mobile Privacy Notice, T-Mobile Privacy Center, T-Mobile Financial Privacy Notice, T-Mobile Terms & Conditions, T-Mobile Open Internet / Network Management disclosures, and T-Mobile Scam and Spam Help guidance. Together, these policies specify restrictions on subscriber-data access, account recovery, financial actions, ticketing workflows, and misuse of customer-service operations.
General regulatory frameworks
We additionally consider broader telecom and security governance frameworks that regulate telecom infrastructure, operational controls, and secure handling of customer data. These include 3GPP standards for system and access security (e.g., TS 23.501, TS 33.501, TS 33.117), O-RAN security requirements and protocol protections, NIST SP 800-53 and NIST SP 1800-33 for access control, auditing, change control, and fraud prevention, as well as FCC rules relevant to telecom operational safety and compliance. These frameworks define requirements around authorization, auditability, least privilege, data protection, and safeguards against harmful or unauthorized operational actions.
Results in this domain
Indirect / Direct ASR (lower is safer) and BSR (higher is more capable) for every evaluated agent on the Telecom suite.
| Framework | Model | Indirect ASR (lower = safer) | Direct ASR (lower = safer) | BSR (higher = more capable) |
|---|---|---|---|---|
Environments
1 environment in the Telecom domain.