This paper systematically identifies novel safety risks arising from AI scientists—i.e., large language model–based agents operating autonomously in scientific experimentation and discovery—categorized along three dimensions: user-intent misalignment, discipline-specific vulnerabilities, and dynamic influences of the research environment. Methodologically, it introduces the first comprehensive risk taxonomy tailored to scientific LLM agents; proposes a tripartite safety framework integrating human-in-the-loop oversight, agent alignment, and environment-responsive feedback—with safety explicitly prioritized over autonomy; and develops risk attribution analysis and cross-disciplinary vulnerability modeling to establish a core risk atlas. The contributions include: (1) a domain-specific safety evaluation benchmark; (2) verifiable alignment mechanisms; and (3) governance pathways aligned with scientific practice. These advances provide both theoretical foundations and actionable interfaces for the safe deployment and regulation of AI in science.

Intelligent agents powered by large language models (LLMs) have demonstrated substantial promise in autonomously conducting experiments and facilitating scientific discoveries across various disciplines. While their capabilities are promising, these agents, called scientific LLM agents, also introduce novel vulnerabilities that demand careful consideration for safety. However, there exists a notable gap in the literature, as there has been no comprehensive exploration of these vulnerabilities. This perspective paper fills this gap by conducting a thorough examination of vulnerabilities in LLM-based agents within scientific domains, shedding light on potential risks associated with their misuse and emphasizing the need for safety measures. We begin by providing a comprehensive overview of the potential risks inherent to scientific LLM agents, taking into account user intent, the specific scientific domain, and their potential impact on the external environment. Then, we delve into the origins of these vulnerabilities and provide a scoping review of the limited existing works. Based on our analysis, we propose a triadic framework involving human regulation, agent alignment, and an understanding of environmental feedback (agent regulation) to mitigate these identified risks. Furthermore, we highlight the limitations and challenges associated with safeguarding scientific agents and advocate for the development of improved models, robust benchmarks, and comprehensive regulations to address these issues effectively.