🤖 AI Summary
Autonomous LLM-based agents present dual-use capabilities in cybersecurity—offering novel offensive and defensive applications while simultaneously introducing unprecedented security risks. Method: We propose the first tripartite framework for agent security—encompassing application scenarios, threat modeling, and defense mechanisms—systematically synthesizing over 150 scholarly works. Employing bibliometric analysis, cross-domain integrative assessment, and taxonomy-driven modeling, we construct a comprehensive agent security classification system spanning model-level and multimodal operational contexts. Contribution/Results: Our framework identifies critical vulnerabilities—including architectural dependencies, goal hijacking, and multi-step reasoning flaws—alongside the corresponding gaps in defenses. We deliver a structured knowledge graph that clarifies prevailing research trends, persistent challenges, and critical voids. This work establishes a foundational theoretical basis, a standardized evaluation paradigm, and a principled roadmap for technological advancement in LLM agent security.
📝 Abstract
The rapid shift from passive LLMs to autonomous LLM agents marks a new paradigm in cybersecurity. While these agents can act as powerful tools for both offensive and defensive operations, the agentic context itself introduces a new class of inherent security risks. In this work, we present the first holistic survey of the agentic security landscape, structuring the field around three interdependent pillars: Applications, Threats, and Defenses. We provide a comprehensive taxonomy of over 150 papers, explaining how agents are used, the vulnerabilities they possess, and the countermeasures designed to protect them. A detailed cross-cutting analysis shows emerging trends in agent architecture while revealing critical research gaps in model and modality coverage.