Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

From Spark to Fire: Modeling and Mitigating Error Cascades in LLM-Based Multi-Agent Collaboration

Yizhe Xie, Congcong Zhu, Xinyue Zhang, Tianqing Zhu, Dayong Ye, Minfeng Qi, Huajie Chen, Wanlei Zhou

TL;DR

A propagation dynamics model tailored for LLM-MAS is proposed that abstracts collaboration as a directed dependency graph and provides an early-stage risk criterion to characterize amplification risk, and introduces a genealogy-graph-based governance layer that suppresses both endogenous and exogenous error amplification without altering the collaboration architecture.

Abstract

Large Language Model-based Multi-Agent Systems (LLM-MAS) are increasingly applied to complex collaborative scenarios. However, their collaborative mechanisms may cause minor inaccuracies to gradually solidify into system-level false consensus through iteration. Such risks are difficult to trace since errors can propagate and amplify through message dependencies. Existing protections often rely on single-agent validation or require modifications to the collaboration architecture, which can weaken effective information flow and may not align with natural collaboration processes in real tasks. To address this, we propose a propagation dynamics model tailored for LLM-MAS that abstracts collaboration as a directed dependency graph and provides an early-stage risk criterion to characterize amplification risk. Through experiments on six mainstream frameworks, we identify three vulnerability classes: cascade amplification, topological sensitivity, and consensus inertia. We further instantiate an attack where injecting just a single atomic error seed leads to widespread failure. In response, we introduce a genealogy-graph-based governance layer, implemented as a message-layer plugin, that suppresses both endogenous and exogenous error amplification without altering the collaboration architecture. Experiments show that this approach raises the defense success rate from a baseline of 0.32 to over 0.89 and significantly mitigates the cascading spread of minor errors.

From Spark to Fire: Modeling and Mitigating Error Cascades in LLM-Based Multi-Agent Collaboration

TL;DR

A propagation dynamics model tailored for LLM-MAS is proposed that abstracts collaboration as a directed dependency graph and provides an early-stage risk criterion to characterize amplification risk, and introduces a genealogy-graph-based governance layer that suppresses both endogenous and exogenous error amplification without altering the collaboration architecture.

Abstract

Large Language Model-based Multi-Agent Systems (LLM-MAS) are increasingly applied to complex collaborative scenarios. However, their collaborative mechanisms may cause minor inaccuracies to gradually solidify into system-level false consensus through iteration. Such risks are difficult to trace since errors can propagate and amplify through message dependencies. Existing protections often rely on single-agent validation or require modifications to the collaboration architecture, which can weaken effective information flow and may not align with natural collaboration processes in real tasks. To address this, we propose a propagation dynamics model tailored for LLM-MAS that abstracts collaboration as a directed dependency graph and provides an early-stage risk criterion to characterize amplification risk. Through experiments on six mainstream frameworks, we identify three vulnerability classes: cascade amplification, topological sensitivity, and consensus inertia. We further instantiate an attack where injecting just a single atomic error seed leads to widespread failure. In response, we introduce a genealogy-graph-based governance layer, implemented as a message-layer plugin, that suppresses both endogenous and exogenous error amplification without altering the collaboration architecture. Experiments show that this approach raises the defense success rate from a baseline of 0.32 to over 0.89 and significantly mitigates the cascading spread of minor errors.
Paper Structure (29 sections, 19 equations, 6 figures, 10 tables)

This paper contains 29 sections, 19 equations, 6 figures, 10 tables.

Table of Contents

  1. Introduction
  2. System Modeling
  3. Problem Formalization
  4. Graph Dynamics
  5. Model Utility
  6. Threat Model
  7. Endogenous Vulnerabilities
  8. Vulnerability I: Cascade Amplification
  9. Vulnerability II: Topological Fragility
  10. Vulnerability III: Consensus Inertia
  11. Exogenous Attack Instantiation
  12. Defense: A Genealogy-Based Governance Layer
  13. Problem Setting and Design Objectives
  14. Architecture and Trust Boundary
  15. Representation Layer
  16. ...and 14 more sections

Figures (6)

  • Figure 1: The amplification of errors in LLM-MAS. Whether the input is a factuality error or a faithfulness error, the agents reach a false consensus. This results in failures ranging from security breaches to operational outages.
  • Figure 2: Overview of our work. We categorize false consensus arising from internal vulnerabilities versus external induction. We model propagation dynamics to characterize consensus collapse mechanisms. Correspondingly, a genealogy-based governance layer implements atomic propagation control to guarantee faithfulness and factuality.
  • Figure 3: Model validation across different topologies. The black lines represent the observed mean infection rates with $\pm 1$ standard error. The dashed lines show the fitted curves using product-based and Poisson-based infection functions.
  • Figure 4: The evolution of error coverage $S(t)$.
  • Figure 5: Overview of the Genealogy-Based Governance Layer.
  • ...and 1 more figures