This work addresses the trust fragility of distributed multi-agent systems (DMAS), systematically identifying and quantifying four critical vulnerabilities: free-riding behavior, susceptibility to adversarial attacks, communication inefficiency, and system instability. We introduce the first reproducible red-teaming attack benchmark and propose an API-driven heterogeneous large language model (LLM) service integration architecture. Our adversarial evaluation spans seven mainstream MAS frameworks and four benchmark datasets. Experimental results demonstrate that the proposed attacks degrade system performance by up to 80%, with 100% success rates for both free-riding and malicious attack injection. This study establishes the first empirically grounded early-warning framework and quantitative analytical paradigm for designing, evaluating, and defending trustworthy DMAS—providing actionable insights into systemic trustworthiness under adversarial conditions.

Multi-agent system (MAS) has demonstrated exceptional capabilities in addressing complex challenges, largely due to the integration of multiple large language models (LLMs). However, the heterogeneity of LLMs, the scalability of quantities of LLMs, and local computational constraints pose significant challenges to hosting these models locally. To address these issues, we propose a new framework termed Distributed Multi-Agent System (DMAS). In DMAS, heterogeneous third-party agents function as service providers managed remotely by a central MAS server and each agent offers its services through API interfaces. However, the distributed nature of DMAS introduces several concerns about trustworthiness. In this paper, we study the Achilles heel of distributed multi-agent systems, identifying four critical trustworthiness challenges: free riding, susceptibility to malicious attacks, communication inefficiencies, and system instability. Extensive experiments across seven frameworks and four datasets reveal significant vulnerabilities of the DMAS. These attack strategies can lead to a performance degradation of up to 80% and attain a 100% success rate in executing free riding and malicious attacks. We envision our work will serve as a useful red-teaming tool for evaluating future multi-agent systems and spark further research on trustworthiness challenges in distributed multi-agent systems.