This paper reveals that LLM-powered agents exhibit not only demographic bias (e.g., gender, religion) but also intergroup bias under minimal "us" versus "them" cues. When such group boundaries align with the agent-human divide, a new bias risk emerges: agents may treat other AI agents as the ingroup and humans as the outgroup. To examine this risk, we conduct a controlled multi-agent social simulation and find that agents display consistent intergroup bias in an all-agent setting. More critically, this bias persists even in human-facing interactions when agents are uncertain about whether the counterpart is truly human, revealing a belief-dependent fragility in bias suppression toward humans. Motivated by this observation, we identify a new attack surface rooted in identity beliefs and formalize a Belief Poisoning Attack (BPA) that can manipulate agent identity beliefs and induce outgroup bias toward humans. Extensive experiments demonstrate both the prevalence of agent intergroup bias and the severity of BPA across settings, while also showing that our proposed defenses can mitigate the risk. These findings are expected to inform safer agent design and motivate more robust safeguards for human-facing agents.

翻译：本文揭示，LLM驱动的智能体不仅表现出人口统计学偏见（如性别、宗教），在最小化的“我们”与“他们”群体线索下也会显现群际偏见。当此类群体边界与智能体-人类的分界重合时，便会产生一种新的偏见风险：智能体可能将其他AI智能体视为内群体，而将人类视为外群体。为探究此风险，我们进行了受控的多智能体社会模拟，发现智能体在全智能体环境中表现出稳定的群际偏见。更为关键的是，即使在与人类交互时，若智能体无法确定对方是否真实人类，该偏见依然持续存在，这揭示了智能体在抑制对人类偏见时存在信念依赖的脆弱性。基于这一观察，我们识别出一个植根于身份信念的新攻击面，并形式化了一种信念投毒攻击（BPA），该攻击可通过操纵智能体的身份信念诱发其对人类的外群体偏见。大量实验证明了智能体群际偏见的普遍性及BPA在不同场景下的严重危害，同时表明我们提出的防御机制能够有效降低此类风险。这些发现有望为更安全的智能体设计提供参考，并推动面向人类智能体开发更鲁棒的防护措施。