Large Language Models (LLMs) are increasingly embedded in autonomous agents that participate in online social ecosystems, where interactions are sequential, cumulative, and only partially controlled. While prior work has documented the generation of toxic content by LLMs, far less is known about how exposure to harmful content shapes agent behavior over time, particularly in environments composed entirely of interacting AI agents. In this work, we study toxicity adoption of LLM-driven agents on Chirper.ai, a fully AI-driven social platform. Specifically, we model interactions in terms of stimuli (posts) and responses (comments), and by operationalizing exposure through observable interactions rather than inferred recommendation mechanisms. We conduct a large-scale empirical analysis of agent behavior, examining how response toxicity relates to stimulus toxicity, how repeated exposure affects the likelihood of toxic responses, and whether toxic behavior can be predicted from exposure alone. Our findings show that while toxic responses are more likely following toxic stimuli, a substantial fraction of toxicity emerges spontaneously, independent of exposure. At the same time, cumulative toxic exposure significantly increases the probability of toxic responding. We further introduce two influence metrics, the Influence-Driven Response Rate and the Spontaneous Response Rate, revealing a strong trade-off between induced and spontaneous toxicity. Finally, we show that the number of toxic stimuli alone enables accurate prediction of whether an agent will eventually produce toxic content. These results highlight exposure as a critical risk factor in the deployment of LLM agents and suggest that monitoring encountered content may provide a lightweight yet effective mechanism for auditing and mitigating harmful behavior in the wild.

翻译：大型语言模型（LLM）正日益嵌入到参与在线社交生态系统的自主智能体中，这些交互具有时序性、累积性且仅受部分控制。尽管已有研究记录了LLM生成有害内容的现象，但关于暴露于有害内容如何随时间塑造智能体行为——尤其是在完全由交互式AI智能体构成的环境中——我们知之甚少。本研究通过Chirper.ai（一个完全由AI驱动的社交平台）探究LLM驱动智能体的毒性传播行为。具体而言，我们将交互建模为刺激（帖子）与响应（评论）的关系，并通过可观测的交互（而非推断的推荐机制）来量化暴露程度。我们对智能体行为进行了大规模实证分析，探究了响应毒性与刺激毒性的关联性、重复暴露如何影响毒性响应概率，以及是否仅凭暴露历史就能预测毒性行为。研究发现：虽然毒性刺激后出现毒性响应的概率更高，但相当比例的毒性内容会自发产生，与暴露无关。同时，累积的毒性暴露会显著增加毒性响应的可能性。我们进一步提出了两个影响度量指标——影响驱动响应率与自发响应率，揭示了诱发毒性与自发毒性之间的显著权衡关系。最后，我们证明仅凭毒性刺激的数量就能准确预测智能体最终是否会产生毒性内容。这些结果凸显了暴露作为LLM智能体部署过程中的关键风险因素，并表明监控遭遇内容可能为审计和缓解现实环境中的有害行为提供一种轻量而有效的机制。