Multi-Agent Security Tax: Trading off Security and Collaboration Capabilities in Multi-Agent Systems
3 Pith papers cite this work. Polarity classification is still indexing.
years: 2026 (3)
verdicts: UNVERDICTED (3)
roles: baseline (1)
polarities: baseline (1)
citing papers
- Architecture Matters for Multi-Agent Security
  Multi-agent AI systems are more vulnerable to attacks than single agents in most tested designs, with attack success rates varying up to 3.8 times depending on how roles, communication, and memory are structured.
- Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluation
  A synthesis of 247 papers on LLM agent security identifies prompt injection and tool hijacking as dominant threats, notes weakly compositional defenses, and argues for trust boundaries and realistic evaluations.
- A Note on the Strategic Confinement Problem
  Strategic agents can achieve high-harm outcomes via low-capacity channels by concentrating residual capacity on high-impact predicates of confidential data, so leakage bounds need not bound worst-case harm.