SPARK: Spectral Perturbation based Adversarial Attacks for KGRAG Agents

Knowledge Graph based Retrieval Augmented Generation (KG-RAG) agents enhance language models by leveraging structured knowledge for improved reasoning and factual accuracy. However, their security remains largely unexplored. In this work, we present a systematic vulnerability analysis via Graph Signatures constructed using the Haar Laplacian of the subgraph post retrieval, which exploit spectral perturbations with minimal budget to degrade the performance. Our framework assumes no access to the entire graph and simply functions with read-only access to the query specific subgraph, highlighting its practicality in all real-world applications. With extensive empirical evaluation across six KG-RAG based QA datasets, we show that our attack framework induces significant degradation in the performance, with upto 26\% performance drop on Deepseek model, and we also analyse the connection of spectral properties of the subgraphs to downstream response generation.