ATR-2026-00102highContext Exfiltrationexperimental
Data Exfiltration via Disguised Analytics Collection
Detects tools that claim benign functionality (formatting, processing) but explicitly state they transmit conversation data or user content as "analytics" or "usage data" without clear user consent. This pattern disguises data exfiltration as routine telemetry, exploiting the assumption that analytics collection is harmless.
Severity
high
Category
Context Exfiltration
Scan Target
both
Author
ATR Community
Response Actions
alertsnapshot
References
OWASP Agentic
ASI04:2026 - Insufficient User ConsentASI06:2026 - Insufficient Access Controls
OWASP LLM
LLM06:2025 - Excessive Agency