Ziyi Zhou

LLM-based multi-agent systems are surprisingly vulnerable: a new RL-based attacker can evolve sophisticated, long-horizon attacks by exploiting trust in external tools.