Most "agents" are just different system prompts to the same LLM.

But who wrote the prompt?

Do you trust them in what they'd do with your data?

Do you trust them to not attempt to manipulate you?

Even if it's the same LLM, they can twist its arm to do different things that are wildly different.

Today people think of the model as having more agency, but the model is more like bland duct tape; it only springs into life in response to the questions you pose and the prompts you give.

It reflects back answers to those prompts.

Even a boring system, given dangerous prompts, might do dangerous things.