Large language models (LLMs) are increasingly embedded into software engineering workflows as autonomous or semi-autonomous agents for code generation, test synthesis, tool orchestration, and end-to-end task automation. While these agentic capabilities promise substantial productivity and quality gains, they also introduce distinct security and privacy risks at the levels of artifacts, processes, and socio-technical deployment pipelines. These risks threaten the trustworthiness of LLM-powered software and complicate core engineering activities such as specification, design, verification, maintenance, and governance. This survey systematizes the threat landscape for LLM-based agents from a software engineering perspective. We propose a taxonomy organized by threat sources and their impacts across the software lifecycle, explicitly capturing cross-module and cross-stage attack surfaces (e.g., tool-use mediation, memory management, and environment interaction). We further distill six agent features grounded in information-flow and control-flow properties that shape risk exposure. We synthesize current mitigation techniques and their limitations for each feature, and conduct four case studies on web search, gaming, navigation, and software development to illustrate practical risks and failure modes. Building on these analyses, we outline research directions in data, methodology, and policy to guide the development of secure and trustworthy LLM-based agents.
Yuyou Gan
Yi Yang
Z W
ACM Transactions on Software Engineering and Methodology
Stony Brook University
Zhejiang University
Southeast University
Gan et al. studied this question.
www.synapsesocial.com/papers/69fed17eb9154b0b82878e48 — DOI: https://doi.org/10.1145/3807666