Bridging AI and Software Security: A Comparative Vulnerability Assessment of LLM Agent Deployment Paradigms

TL;DR

This study compares security vulnerabilities of two LLM agent deployment paradigms, revealing how architectural choices influence threat exposure and providing a foundation for secure AI system deployment.

Contribution

It introduces a unified threat classification framework and conducts a comprehensive evaluation of attack scenarios across paradigms, highlighting their distinct vulnerability profiles.

Findings

Function Calling has higher overall attack success rates (73.5%) than MCP (62.59%)

Chained attacks achieve 91-96% success rates, showing increased effectiveness with complexity

Advanced reasoning models are more exploitable despite better threat detection capabilities

Abstract

Large Language Model (LLM) agents face security vulnerabilities spanning AI-specific and traditional software domains, yet current research addresses these separately. This study bridges this gap through comparative evaluation of Function Calling architecture and Model Context Protocol (MCP) deployment paradigms using a unified threat classification framework. We tested 3,250 attack scenarios across seven language models, evaluating simple, composed, and chained attacks targeting both AI-specific threats (prompt injection) and software vulnerabilities (JSON injection, denial-of-service). Function Calling showed higher overall attack success rates (73.5% vs 62.59% for MCP), with greater system-centric vulnerability while MCP exhibited increased LLM-centric exposure. Attack complexity dramatically amplified effectiveness, with chained attacks achieving 91-96% success rates. Counterintuitively, advanced reasoning models demonstrated higher exploitability despite better threat detection. Results demonstrate that architectural choices fundamentally reshape threat landscapes. This work establishes methodological foundations for cross-domain LLM agent security assessment and provides evidence-based guidance for secure deployment. Code and experimental materials are available at https: // github. com/ theconsciouslab-ai/llm-agent-security.