This paper introduces ‘BadAgent,’ a backdoor attack on LLM agents that exploits vulnerabilities in agent tasks. The study demonstrates the risk of constructing LLM agents from untrusted data. The proposed attack methods are robust and highlight the need for secure approaches in LLM agent development.