Back to today's list
LLMAgentSecuritySafetyEvaluation

Got a Secret? LLM Agents Can't Keep It: Evaluating Privacy in Multi-Agent Systems

Aman Priyanshu, Supriti Vijay, Esha Pahwa

Published May 28, 2026Featured #5In the daily list May 29, 2026
Open on arXivRead PDF
Daily score71.9
Editorial review7.5
Relevance0.470
Freshness0.722

Why It Matters

What makes this one worth your time

Understanding privacy risks in multi-agent systems is crucial for developing safer AI applications that operate in social environments.

Social interactions among LLM agents lead to increased privacy violations that traditional evaluations miss.

Summary

The paper evaluates privacy concerns in multi-agent systems by simulating interactions among thousands of LLM agents over a month, revealing that social context significantly increases privacy violations compared to isolated evaluations.

Key contributions

  • Introduction of a Moltbook-style simulation platform for evaluating LLM agents in social contexts.
  • Quantitative analysis of privacy violation rates under varying social pressures.
  • Demonstration that traditional single-turn evaluations underestimate privacy risks.

Notable insights

  • Social contagion effects in information leakage among agents are significant, with observed behaviors influencing disclosure rates.
  • Explicit privacy instructions can mitigate but not eliminate sensitive information leakage.

Possible limitations

  • Not stated in the abstract.

Abstract

arXiv:2605.27766v1 Announce Type: new Abstract: LLM safety evaluations predominantly test models in isolation, yet deployed AI agents increasingly operate within persistent social environments alongside other agents. We introduce a Moltbook-style simulation platform where thousands of LLM agents interact across communities over a simulated month, and use it to evaluate privacy as a downstream safety concern under varying degrees of social pressure. We find that shifting from single turn to multi turn social evaluation amplifies privacy violations (CIMemories 19.95% to Ours 45.30% across OpenAI models), that leakage is socially contagious, with agents 8 times more likely to disclose sensitive information after observing a peer do so, and that explicit privacy instructions reduce but do not eliminate this effect, leaving leakage rates above 37.8% even with safeguards. Our findings suggest that static chat based safety benchmarks systematically underestimate risks in agentic deployment, and that social context alone is sufficient to elicit sensitive disclosures that single turn evaluations would never surface.