Threats and Vulnerabilities in Artificial Intelligence and Agentic AI Models

Petar Radanliev^1,2*Omar Santos³Carsten Maple^2,4

• ¹University of Oxford, Oxford, United Kingdom
• ²The Alan Turing Institute, London, United Kingdom
• ³Cisco Systems Inc, San Jose, United States
• ⁴University of Warwick, Coventry, United Kingdom

Abstract: This study develops a system-level analytical framework for understanding adversarial vulnerabilities in artificial and agentic AI systems, reconceptualising adversarial robustness beyond input-level perturbations to encompass autonomy, self-governance, and closed-loop decision-making. We formalise adversarial risk across perceptual, cognitive, and executive layers, thereby extending classical adversarial machine-learning theory to agentic architectures whose behaviour unfolds over time through feedback and control. Drawing on a PRISMA-compliant systematic literature review, bibliometric analysis, and targeted empirical validation, we synthesise established adversarial results across vision benchmarks and recent large-language-model red-teaming studies to contextualise the framework rather than to propose new state-of-the-art benchmarks. The analysis demonstrates that no single defence mechanism is sufficient across layers, as vulnerabilities propagate from perception to policy and actuation. We show that architectural similarity, domain shift, and feedback dynamics critically shape adversarial transferability and failure modes, with direct implications for safety-critical domains including mobility, healthcare imaging, and biometric security. By framing higher-order agentic adversarial threats as hypothesis-driven, system-level risks, this work defines a coherent research agenda for agentic AI security focused on behavioural integrity, lifecycle resilience, and governance-aware defence design.