Large Language Models (LLMs) are increasingly being deployed as autonomous agents capable of performing complex tasks with minimal human supervision. These LLM agents often have access to sensitive user data, corporate information, and other private content.
Unlike traditional machine learning systems with well-defined input/output boundaries, LLM agents maintain conversation state and can be induced to reveal information through sophisticated interaction patterns. Privacy concerns around LLMs have primarily focused on training data extraction, but less attention has been paid to privacy vulnerabilities during deployment as agents that interact with sensitive data sources [Li et al., 2024; Wang et al., 2025].
This research project aims to fill this gap by:
- Investigating novel privacy attack vectors specific to LLM agents.
- Developing robust defensive mechanisms to mitigate privacy risks during deployment.
The increasing adoption of LLM agents across industries handling sensitive information, such as:
- Healthcare
- Finance
- Legal services
makes this research timely and critical.
Recent incidents have demonstrated that even commercial LLM systems can be manipulated to reveal private information through carefully crafted prompts. As these systems gain broader access privileges and operate with greater autonomy, the privacy implications grow more significant.