An Evaluation of Data Leakage Risks in Tool-Using LLM Agents in Realistic Scenarios

The paper evaluates data leakage risks in tool-using LLM agents across 12 realistic non-adversarial tasks, focusing on areas such as customer support and DevOps. The study, conducted by the Singapore AI Safety Institute and the Korea AI Safety Institute, identifies five key risk types and reveals that none of the tested agents achieved complete safety or correctness, highlighting significant data-handling failures even in benign scenarios. This research underscores the need for separate evaluations of agent capabilities and data-handling safety, positioning operational data leakage as a critical concern for practitioners developing AI agents.