[2508.10880] Searching for Privacy Risks in LLM Agents via Simulation

Computer Science > Cryptography and Security arXiv:2508.10880 (cs) [Submitted on 14 Aug 2025 (v1), last revised 8 May 2026 (this version, v3)] Title:Searching for Privacy Risks in LLM Agents via Simulation Authors:Yanzhe Zhang, Diyi Yang View a PDF of the paper titled Searching for Privacy Risks in LLM Agents via Simulation, by Yanzhe Zhang and 1 other authors View PDF HTML (experimental) Abstract:The widespread deployment of LLM-based agents is likely to introduce a critical privacy threat: malicious agents that proactively engage others in multi-turn interactions to extract sensitive information. However, the evolving nature of such dynamic dialogues makes it challenging to anticipate emerging vulnerabilities and design effective defenses. To tackle this problem, we present a search-based framework that alternates between improving attack and defense strategies through the simulation of privacy-critical agent interactions. Specifically, we employ LLMs as optimizers to analyze simulation trajectories and iteratively propose new agent instructions. To explore the strategy space more efficiently, we further utilize parallel search with multiple threads and cross-thread propagation. Through this process, we find that attack strategies escalate from direct requests to sophisticated tactics, such as impersonation and consent forgery, while defenses evolve from simple rule-based constraints to robust identity-verification state machines. The discovered attacks and defenses gene...