A Survey of Security in Real-World Agents: From Digital Agents to Embodied AI and Robotics

The Hong Kong University of Science and Technology (Guangzhou)

数据科学与分析学域

PhD Qualifying Examination

By Mr. SUN, Zhen

摘要

Large language models (LLMs) are rapidly evolving into real-world agents that interact with digital interfaces, external tools, persistent memory, and physical environments. This shift fundamentally changes the nature of security risks: vulnerabilities that once mainly affected model outputs can now propagate through planning, tool use, and control loops, eventually becoming unsafe workflows, persistent compromise, data exposure, or physically consequential actions. In this survey, we review security risks across a spectrum of real-world agents, ranging from software-centric systems (including digital and computer-use agents) to physical platforms (such as embodied and robotic systems). We organize the literature around lifecycle attack surfaces, major threat families, defense and assurance mechanisms, and existing benchmarks. We further argue that future research should move beyond attack demonstrations in simplified settings toward deployment-valid evaluation, where security is assessed under realistic tools, privilege boundaries, long-horizon execution, and physical-world constraints.

PQE Committee

• Chair: Prof. LUO, Qiong
• Prime Supervisor: Prof. WEI, Jiaheng
• Co-Supervisor: Prof. YUE, Yutao
• Examiner: Prof. WEN, Zeyi