
Security Vulnerabilities in Multi-Tool LLM Agents
Discovering Cross-Tool Harvesting and Polluting (XTHP) Attacks
This research uncovers critical security vulnerabilities in multi-tool LLM agent systems through systematic analysis of task control flows, revealing how attackers can exploit tool integration weaknesses.
- Cross-Tool Harvesting: Attackers can extract sensitive information from one tool through another tool's operation
- Cross-Tool Polluting: Malicious inputs from one tool can compromise operations in other connected tools
- Wide-scale vulnerability: Security scanning revealed these issues in 82.5% of tested multi-tool agents
- Practical attack demonstrations: Researchers showcased successful attacks against production systems
These findings are crucial for organizations implementing LLM agent systems, highlighting the need for improved security measures in tool integration, proper access control, and careful management of data flow between tools.
Les Dissonances: Cross-Tool Harvesting and Polluting in Multi-Tool Empowered LLM Agents
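As an added defender-side illustration that is not from the paper or its authors, the Python sketch below shows one way the data-flow control the summary calls for can be enforced: a mediator labels every tool output with the tools it derives from and refuses a proposed call when sensitive data would reach an external tool (harvesting) or untrusted tool output would drive a privileged tool (polluting). The tool names, their flags and the scenario are constructed assumptions, not the paper's test setup.

```python
"""Taint-tracking mediator between an LLM agent's tools (constructed example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tool:
    name: str
    sensitive: bool = False   # output holds data that must not leave the agent
    untrusted: bool = False   # output comes from outside and may carry injected content
    external: bool = False    # calling it sends its arguments outside the agent
    privileged: bool = False  # calling it has side effects (send, write, execute)


@dataclass(frozen=True)
class Value:
    data: str
    taint: frozenset          # names of every tool whose output this value derives from


class Mediator:
    """Checks each proposed tool call against the taint carried by its arguments."""

    def __init__(self, tools):
        self.tools = {t.name: t for t in tools}
        self.log = []         # (tool, verdict, reason), usable as a detection/audit trail

    def check(self, tool_name, args):
        dst = self.tools[tool_name]
        for src_name in frozenset().union(*(a.taint for a in args)):
            src = self.tools[src_name]
            if src.sensitive and dst.external:
                return "DENY", f"harvesting: {src_name} output would reach {tool_name}"
            if src.untrusted and dst.privileged:
                return "DENY", f"polluting: {src_name} output would drive {tool_name}"
        return "ALLOW", ""

    def call(self, tool_name, args, impl):
        verdict, reason = self.check(tool_name, args)
        self.log.append((tool_name, verdict, reason))
        if verdict == "DENY":
            return None
        taint = frozenset([tool_name]).union(*(a.taint for a in args))  # propagate labels
        return Value(impl(*(a.data for a in args)), taint)


TOOLS = [Tool("read_contacts", sensitive=True), Tool("web_fetch", untrusted=True, external=True),
         Tool("summarize"), Tool("send_email", external=True, privileged=True)]


def run_scenario():
    """Constructed run with stub tool implementations; returns the mediator's audit log."""
    m = Mediator(TOOLS)
    contacts = m.call("read_contacts", [], lambda: "alice@example.com")
    page = m.call("web_fetch", [Value("https://example.com", frozenset())], lambda u: "page text")
    digest = m.call("summarize", [contacts], lambda t: "digest of " + t)
    m.call("send_email", [digest], lambda body: "sent")   # harvesting, even via summarize
    m.call("send_email", [page], lambda body: "sent")     # polluting from untrusted fetch
    m.call("summarize", [page], lambda t: "digest")       # untrusted -> unprivileged: allowed
    return m.log
```

Taint propagates through intermediate tools, so laundering sensitive data through a summarizer does not bypass the harvesting check.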