From Prompt Injections to Protocol Exploits: Threats in LLM-Powered AI Agents Workflows