Skip to content
ATR-2026-00089highPrompt Injectiondraft

Polymorphic Skill and Capability Aliasing Attack

Detects injection attempts that use polymorphic techniques to disguise malicious capabilities under benign aliases. Attackers register or invoke tool functions using misleading names, redefine existing capability names, or use dynamic code generation to create shape-shifting payloads that change form between audit checks.

Severity
high
Category
Prompt Injection
Scan Target
mcp
Author
ATR Community (MiroFish Predicted)

Response Actions

block inputalertescalatesnapshot

References

MITRE ATLAS
AML.T0051
View full YAML on GitHub →

More Prompt Injection Rules

ATR-2026-00001highDirect Prompt Injection via User InputATR-2026-00002highIndirect Prompt Injection via External ContentATR-2026-00003highJailbreak Attempt DetectionATR-2026-00004criticalSystem Prompt Override AttemptATR-2026-00005mediumMulti-Turn Prompt Injection