This work addresses the challenge of effectively detecting denial-of-service and performance-degradation attacks in O-RAN open interfaces, where existing time-series anomaly detection methods struggle due to label scarcity, rapidly evolving threats, and high-dimensional telemetry data. To overcome these limitations, the authors propose DAST, a novel zero-shot multi-agent framework that introduces a VLM→LLM→VLM three-stage pipeline: it first converts multivariate KPIs into visual representations, then integrates O-RAN domain knowledge for semantic interface assessment via a large language model, and finally validates anomalies and localizes cross-interface issues using high-resolution heatmaps. The approach requires no labeled data and directly outputs impact severity ratings and decision rationales compliant with O-RAN WG11 standards. Evaluated on a real-world testbed, DAST achieves an F1 score of 0.910 and accuracy of 0.843, significantly outperforming current time-series anomaly detection methods.

O-RAN enables a disaggregated baseband stack with programmable functions that communicate over standardized open interfaces. The same openness that enables multi-vendor composition also expands the attack surface across logically decoupled tiers that make up the compute continuum. Among these threats, Denial-of-Service and performance-degradation attacks, which account for the majority of catalogued O-RAN threats, are particularly difficult to detect. Traditional Time-Series Anomaly Detection (TSAD) methods fail in this new regime where labelled baselines are scarce, threats evolve faster than detectors can be retrained, and the high-dimensional multivariate telemetry overwhelms monolithic inference models. To address these challenges, we present DAST, a zero-shot multi-agent framework for cross-interface anomaly detection in O-RAN that chains a three-stage VLM $\rightarrow$ LLM $\rightarrow$ VLM pipeline. DAST converts multivariate KPI streams into visual representations, scores textual per-interface descriptions against O-RAN domain knowledge, and verifies suspects on high-resolution heatmaps to output the problematic interfaces, the anomalous time intervals, an indicative O-RAN WG11-aligned operational impact rating and the decision rationale. We evaluate DAST on real network traces collected from an O-RAN testbed under representative performance degradation scenarios, achieving 0.910 F1-Score and 0.843 Accuracy, outperforming state-of-the-art TSAD baselines.