Large Language Model (LLM)-based Multi-Agent Systems (MAS) are susceptible to intellectual property (IP) leakage attacks. These attacks can be executed by adversaries with black-box access, who interact solely through public APIs. By crafting adversarial queries, attackers can infiltrate the MAS, extracting sensitive information such as system prompts, task instructions, tool specifications, the number of agents, and the overall system topology. Mitigation steps: **For AI Developers:** * Implement robust input sanitization and validation mechanisms to prevent adversarial queries from propagating successfully, considering semantic content and potential impact within the multi-agent system's context. * Carefully filter the output from each agent, ensuring sensitive information is removed before passing to subsequent agents, while maintaining legitimate functionality. * Explore the application of differential privacy techniques to mask sensitive information in system prompts, task instructions, or tool outputs. * Implement system-wide monitoring to detect unusual query patterns or unexpected data leakage, focusing on multi-agent interactions. **For Model Trainers/Fine-tuners:** * Train the LLMs within the MAS agents using adversarial examples to enhance resilience against malicious inputs. * Carefully design the MAS architecture to limit information flow between agents, minimizing damage propagation if an agent is compromised, and consider using robust topologies to mitigate information propagation attacks.