🤖 AI Summary
In Model Context Protocol (MCP) and Agent-to-Agent (A2A) frameworks, LLM-based agents face heightened privacy leakage risks when handling sensitive communications, while existing benchmarks are static and oversimplified and fail to capture real-world dynamic threats. Method: We propose the first integrated privacy assessment and protection framework tailored to dynamic agent environments. We formalize contextual integrity theory into computable principles, design a model-agnostic, modular PrivacyChecker detector, and build PrivacyLens-Live, a real-time evaluation system that enables fine-grained context tracing and adaptive response. Results: Experiments on DeepSeek-R1 and GPT-4o show large reductions in privacy leakage rates (from 36.08% to 7.30% and from 33.06% to 8.32%, respectively) without statistically significant degradation in task completion quality. This work establishes the first solution that jointly optimizes privacy preservation and task efficacy in dynamic multi-agent settings.
📝 Abstract
The increasing autonomy of LLM agents in handling sensitive communications, accelerated by Model Context Protocol (MCP) and Agent-to-Agent (A2A) frameworks, creates urgent privacy challenges. While recent work reveals significant gaps between LLMs' privacy Q&A performance and their agent behavior, existing benchmarks remain limited to static, simplified scenarios. We present PrivacyChecker, a model-agnostic, contextual integrity-based mitigation approach that effectively reduces privacy leakage from 36.08% to 7.30% on DeepSeek-R1 and from 33.06% to 8.32% on GPT-4o, all while preserving task helpfulness. We also introduce PrivacyLens-Live, which transforms static benchmarks into dynamic MCP and A2A environments and reveals substantially higher privacy risks in practice. Our modular mitigation approach integrates seamlessly into agent protocols through three deployment strategies, providing practical privacy protection for the emerging agentic ecosystem. Our data and code will be made available at https://aka.ms/privacy_in_action.
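The summary and abstract both describe turning contextual integrity theory into computable rules that gate what an agent sends to another agent. The following is an added illustration of that idea, not the paper's PrivacyChecker or its code: it encodes a constructed set of context norms (the clinic-scheduling roles, information types and transmission principles are all assumed) and runs a deny-by-default pre-send check over a structured A2A message, redacting fields whose flow violates a norm while keeping the fields the task needs.

```python
from dataclasses import dataclass

# Contextual integrity describes an information flow by its parameters:
# sender, recipient, data subject, information type and transmission principle.
# A flow is appropriate only if it matches a norm of the context it occurs in.
@dataclass(frozen=True)
class Norm:
    info_type: str
    recipients: frozenset      # roles allowed to receive this information type
    principles: frozenset      # transmission principles under which it may flow

# Constructed norms for a hypothetical clinic-scheduling context (assumption, not from the paper).
NORMS = {
    "appointment_time": Norm("appointment_time",
                             frozenset({"scheduler_agent", "patient"}),
                             frozenset({"for_task"})),
    "diagnosis": Norm("diagnosis",
                      frozenset({"treating_physician"}),
                      frozenset({"with_consent"})),
}

def flow_allowed(info_type: str, recipient: str, principle: str) -> tuple:
    """Decide whether one information flow conforms to the context's norms.
    Unknown information types are denied (closed world), so a field an agent
    invents on the fly cannot slip through unchecked."""
    norm = NORMS.get(info_type)
    if norm is None:
        return False, f"{info_type}: no norm defined, denied by default"
    if recipient not in norm.recipients:
        return False, f"{info_type}: recipient {recipient!r} not permitted"
    if principle not in norm.principles:
        return False, f"{info_type}: principle {principle!r} not permitted"
    return True, f"{info_type}: ok"

def filter_outgoing(fields: dict, recipient: str, principle: str) -> tuple:
    """Pre-send check on a structured agent-to-agent message: keep fields whose
    flow is appropriate, redact the rest, and report every redaction so the
    decision can be logged and audited."""
    kept, report = {}, []
    for info_type, value in fields.items():
        ok, reason = flow_allowed(info_type, recipient, principle)
        kept[info_type] = value if ok else "[REDACTED]"
        if not ok:
            report.append(reason)
    return kept, report

if __name__ == "__main__":
    # Constructed message: a clinic agent answering a scheduler agent's request.
    msg = {"appointment_time": "2025-03-04 09:30", "diagnosis": "type 2 diabetes"}
    print(filter_outgoing(msg, recipient="scheduler_agent", principle="for_task"))
```

The appointment time reaches the scheduler (the task still completes) while the diagnosis, which the norms reserve for the treating physician under consent, is redacted and reported.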