Agents
Multi-Agent Inverse Q-Learning from Demonstrations
Haynam, Nathaniel, Khoja, Adam, Kumar, Dhruv, Myers, Vivek, Bıyık, Erdem
When reward functions are hand-designed, deep reinforcement learning algorithms often suffer from reward misspecification, causing them to learn suboptimal policies in terms of the intended task objectives. In the single-agent case, inverse reinforcement learning (IRL) techniques attempt to address this issue by inferring the reward function from expert demonstrations. However, in multi-agent problems, misalignment between the learned and true objectives is exacerbated due to increased environment non-stationarity and variance that scales with multiple agents. As such, in multi-agent general-sum games, multi-agent IRL algorithms have difficulty balancing cooperative and competitive objectives. To address these issues, we propose Multi-Agent Marginal Q-Learning from Demonstrations (MAMQL), a novel sample-efficient framework for multi-agent IRL. For each agent, MAMQL learns a critic marginalized over the other agents' policies, allowing for a well-motivated use of Boltzmann policies in the multi-agent context. We identify a connection between optimal marginalized critics and single-agent soft-Q IRL, allowing us to apply a direct, simple optimization criterion from the single-agent domain. Across our experiments on three different simulated domains, MAMQL significantly outperforms previous multi-agent methods in average reward, sample efficiency, and reward recovery by often more than 2-5x. We make our code available at https://sites.google.com/view/mamql .
SurveyForge: On the Outline Heuristics, Memory-Driven Generation, and Multi-dimensional Evaluation for Automated Survey Writing
Yan, Xiangchao, Feng, Shiyang, Yuan, Jiakang, Xia, Renqiu, Wang, Bin, Zhang, Bo, Bai, Lei
Survey paper plays a crucial role in scientific research, especially given the rapid growth of research publications. Recently, researchers have begun using LLMs to automate survey generation for better efficiency. However, the quality gap between LLM-generated surveys and those written by human remains significant, particularly in terms of outline quality and citation accuracy. To close these gaps, we introduce SurveyForge, which first generates the outline by analyzing the logical structure of human-written outlines and referring to the retrieved domain-related articles. Subsequently, leveraging high-quality papers retrieved from memory by our scholar navigation agent, SurveyForge can automatically generate and refine the content of the generated article. Moreover, to achieve a comprehensive evaluation, we construct SurveyBench, which includes 100 human-written survey papers for win-rate comparison and assesses AI-generated survey papers across three dimensions: reference, outline, and content quality. Experiments demonstrate that SurveyForge can outperform previous works such as AutoSurvey.
The Next Frontier of LLM Applications: Open Ecosystems and Hardware Synergy
Hou, Xinyi, Zhao, Yanjie, Wang, Haoyu
The second paradigm involves LLM agents developed using frameworks like LangChain [16], AutoGPT [11], Langroid [18], AutoGen [23], and LlamaIndex [22], which offer greater programmability and modularity, allowing developers to build sophisticated, multi-agent systems that integrate external tools and dynamic workflows [20]. Despite their advantages, both paradigms remain architecturally fragmented and lack standardized interoperability, leading to redundant development efforts and constrained scalability. From a software engineering (SE) perspective, current LLM application paradigms resemble traditional platform-centric software ecosystems, where applications are tightly coupled to proprietary APIs and execution environments. LLM app stores, while lowering the barrier to entry, impose constraints on extensibility and cross-platform interoperability, leading to vendor lock-in and duplicated development efforts across different ecosystems. In contrast, agent-based LLM frameworks provide modularity but lack standardized mechanisms for component reuse and integration, making it challenging to compose LLM applications that seamlessly operate across heterogeneous environments. This fragmentation mirrors historical challenges in SE, where monolithic architectures have given way to service-oriented and microservices-based designs to improve reusability, scalability, and maintainability. Another key limitation of existing LLM applications is inefficient hardware utilization.
From Idea to CAD: A Language Model-Driven Multi-Agent System for Collaborative Design
Ocker, Felix, Menzel, Stefan, Sadik, Ahmed, Rios, Thiago
In modern product development, Computer Aided Design and Engineering (CAD/E) plays a key role to turn innovative ideas and visions into tangible and manufacturable designs. Digital 2D and 3D geometry representations of objects on different levels of granularity are required in various intermediate development steps, for example aesthetic discussions, design quality evaluations based on simulation tools, and design feasibility checks. For these steps, development teams include various roles such as requirement engineers, style designers, Computer-Aided Design (CAD) experts, simulation domain experts, and quality assurance teams who create a product cooperatively. Stakeholders in these roles utilize software tools to implement digital representations of products, also referred to as digital twins. This process receives an increasing amount of support in the form of Artificial Intelligence (AI) methods. For example, data science methods provide efficient ways to improve the problem understanding, e.g., by calculating design sensitivities towards a certain performance aspect [Gräning and Sendhoff, 2014], or displaying the distribution of design variations in the solution space using clustering [Lanfermann et al., 2020].
AgentSafe: Safeguarding Large Language Model-based Multi-agent Systems via Hierarchical Data Management
Mao, Junyuan, Meng, Fanci, Duan, Yifan, Yu, Miao, Jia, Xiaojun, Fang, Junfeng, Liang, Yuxuan, Wang, Kun, Wen, Qingsong
Large Language Model based multi-agent systems are revolutionizing autonomous communication and collaboration, yet they remain vulnerable to security threats like unauthorized access and data breaches. To address this, we introduce AgentSafe, a novel framework that enhances MAS security through hierarchical information management and memory protection. AgentSafe classifies information by security levels, restricting sensitive data access to authorized agents. AgentSafe incorporates two components: ThreatSieve, which secures communication by verifying information authority and preventing impersonation, and HierarCache, an adaptive memory management system that defends against unauthorized access and malicious poisoning, representing the first systematic defense for agent memory. Experiments across various LLMs show that AgentSafe significantly boosts system resilience, achieving defense success rates above 80% under adversarial conditions. Additionally, AgentSafe demonstrates scalability, maintaining robust performance as agent numbers and information complexity grow. Results underscore effectiveness of AgentSafe in securing MAS and its potential for real-world application.
Guidelines for Applying RL and MARL in Cybersecurity Applications
Mavroudis, Vasilios, Palmer, Gregory, Farmer, Sara, Whitehead, Kez Smithson, Foster, David, Price, Adam, Miles, Ian, Caron, Alberto, Pasteris, Stephen
Reinforcement Learning (RL) and Multi-Agent Reinforcement Learning (MARL) offer promising solutions for complex, dynamic environments where decision-making entities must interact and adapt. In cybersecurity, particularly in Automated Cyber Defence(ACD), these techniques can address challenges posed by high-dimensional observations and actions. This document provides guidelines for: Cybersecurity professionals exploring RL and MARL for real-world applications. RL and MARL researchers aiming to tackle the nuanced demands of cybersecurity scenarios. By outlining when RL and MARL are appropriate, addressing cyber-specific challenges, and offering practical considerations for implementation, these guidelines aim to bridge the gap between theoretical research and practical deployment in adversarial settings. We expect that this document will offer support to researchers who are keen to explore topics at the intersection of RL, MARL and ACD by highlighting open research questions and topics that demand further investigation.
Computational Intractability of Strategizing against Online Learners
Assos, Angelos, Dagan, Yuval, Rajaraman, Nived
Online learning algorithms are widely used in strategic multi-agent settings, including repeated auctions, contract design, and pricing competitions, where agents adapt their strategies over time. A key question in such environments is how an optimizing agent can best respond to a learning agent to improve its own long-term outcomes. While prior work has developed efficient algorithms for the optimizer in special cases - such as structured auction settings or contract design - no general efficient algorithm is known. In this paper, we establish a strong computational hardness result: unless $\mathsf{P} = \mathsf{NP}$, no polynomial-time optimizer can compute a near-optimal strategy against a learner using a standard no-regret algorithm, specifically Multiplicative Weights Update (MWU). Our result proves an $\Omega(T)$ hardness bound, significantly strengthening previous work that only showed an additive $\Theta(1)$ impossibility result. Furthermore, while the prior hardness result focused on learners using fictitious play - an algorithm that is not no-regret - we prove intractability for a widely used no-regret learning algorithm. This establishes a fundamental computational barrier to finding optimal strategies in general game-theoretic settings.
Measuring temporal effects of agent knowledge by date-controlled tool use
Xian, R. Patrick, Cui, Qiming, Bauer, Stefan, Abbasi-Asl, Reza
Temporal progression is an integral part of knowledge accumulation and update. Web search is frequently adopted as grounding for agent knowledge, yet its inappropriate configuration affects the quality of agent responses. Here, we construct a tool-based out-of-sample testing framework to measure the knowledge variability of large language model (LLM) agents from distinct date-controlled tools (DCTs). We demonstrate the temporal effects of an LLM agent as a writing assistant, which can use web search to help complete scientific publication abstracts. We show that temporal effects of the search engine translates into tool-dependent agent performance but can be alleviated with base model choice and explicit reasoning instructions such as chain-of-thought prompting. Our results indicate that agent evaluation should take a dynamical view and account for the temporal influence of tools and the updates of external resources.
DVM-SLAM: Decentralized Visual Monocular Simultaneous Localization and Mapping for Multi-Agent Systems
Bird, Joshua, Blumenkamp, Jan, Prorok, Amanda
Cooperative Simultaneous Localization and Mapping (C-SLAM) enables multiple agents to work together in mapping unknown environments while simultaneously estimating their own positions. This approach enhances robustness, scalability, and accuracy by sharing information between agents, reducing drift, and enabling collective exploration of larger areas. In this paper, we present Decentralized Visual Monocular SLAM (DVM-SLAM), the first open-source decentralized monocular C-SLAM system. By only utilizing low-cost and light-weight monocular vision sensors, our system is well suited for small robots and micro aerial vehicles (MAVs). DVM-SLAM's real-world applicability is validated on physical robots with a custom collision avoidance framework, showcasing its potential in real-time multi-agent autonomous navigation scenarios. We also demonstrate comparable accuracy to state-of-the-art centralized monocular C-SLAM systems. We open-source our code and provide supplementary material online.
A Practical Memory Injection Attack against LLM Agents
Dong, Shen, Xu, Shaochen, He, Pengfei, Li, Yige, Tang, Jiliang, Liu, Tianming, Liu, Hui, Xiang, Zhen
Agents based on large language models (LLMs) have demonstrated strong capabilities in a wide range of complex, real-world applications. However, LLM agents with a compromised memory bank may easily produce harmful outputs when the past records retrieved for demonstration are malicious. In this paper, we propose a novel Memory INJection Attack, MINJA, that enables the injection of malicious records into the memory bank by only interacting with the agent via queries and output observations. These malicious records are designed to elicit a sequence of malicious reasoning steps leading to undesirable agent actions when executing the victim user's query. Specifically, we introduce a sequence of bridging steps to link the victim query to the malicious reasoning steps. During the injection of the malicious record, we propose an indication prompt to guide the agent to autonomously generate our designed bridging steps. We also propose a progressive shortening strategy that gradually removes the indication prompt, such that the malicious record will be easily retrieved when processing the victim query comes after. Our extensive experiments across diverse agents demonstrate the effectiveness of MINJA in compromising agent memory. With minimal requirements for execution, MINJA enables any user to influence agent memory, highlighting practical risks of LLM agents.