As AI agents evolve from passive tools to autonomous decision-making entities, novel security vulnerabilities emerge across cognitive, operational, and collective dimensions—challenges inadequately addressed by existing frameworks. This work proposes the Hierarchical Autonomy Evolution (HAE) framework, which establishes a three-tiered security architecture spanning individual cognition (L1), execution (L2), and multi-agent social systems (L3). The framework systematically characterizes threats at each level and introduces a taxonomy oriented toward the evolution of autonomy. Leveraging large language model–driven security analysis, hierarchical threat modeling, and multi-agent risk assessment, this study not only identifies critical cross-layer research gaps but also provides a comprehensive evaluation of current defense mechanisms, thereby offering both theoretical foundations and practical guidance for building a multi-layered, autonomy-aware AI safety paradigm.

Artificial Intelligence (AI) agents have evolved from passive predictive tools into active entities capable of autonomous decision-making and environmental interaction, driven by the reasoning capabilities of Large Language Models (LLMs). However, this evolution has introduced critical security vulnerabilities that existing frameworks fail to address. The Hierarchical Autonomy Evolution (HAE) framework organizes agent security into three tiers: Cognitive Autonomy (L1) targets internal reasoning integrity; Execution Autonomy (L2) covers tool-mediated environmental interaction; Collective Autonomy (L3) addresses systemic risks in multi-agent ecosystems. We present a taxonomy of threats spanning cognitive manipulation, physical environment disruption, and multi-agent systemic failures, and evaluate existing defenses while identifying key research gaps. The findings aim to guide the development of multilayered, autonomy-aware defense architectures for trustworthy AI agent systems.