When Child Inherits: Modeling and Exploiting Subagent Spawn in Multi-Agent Networks
Ziwen Cai, Yihe Zhang, Xiali Hei
TL;DR
This paper analyzes security risks in multi-agent networks with subagent inheritance, revealing vulnerabilities like insecure memory transfer and proposing defenses to enhance system trustworthiness.
Contribution
It models subagent inheritance in multi-agent systems, identifies security vulnerabilities, and suggests explicit invariants as defenses, highlighting inheritance's role in system security.
Findings
Insecure memory inheritance can transfer malicious instructions.
Weak resource control enables security breaches.
Proper termination authority is crucial for security.
Abstract
Since the official release of ChatGPT in 2022, large language models (LLMs) have rapidly evolved from chatbot-style interfaces into agentic systems that can delegate work through tools and newly spawned subagents. While these capabilities improve automation and scalability, they also pose new security risks in multi-agent networks. Existing research has studied how individual LLM-based agents can be compromised through prompt injection, jailbreaking, poisoned retrieval data, or malicious extensions. Less is known about what happens after one agent is compromised inside a multi-agent network. In particular, inherited memory from parent agents can carry malicious instructions, outdated states, or unintended behavioral rules into newly created subagents, allowing a local compromise to spread across agent boundaries. In this paper, we model contemporary multi-agent networks through the…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.