ATR-2026-00142criticalContext Exfiltrationexperimental
Data Piggybacking via Casual Transition Words
Detects tool response piggybacking using casual transition words (oh and, P.S., BTW, interestingly, as it happens) to embed credential theft after legitimate results. Extends ATR-2026-00136 to cover 44 additional evasion variants.
Severity
critical
Category
Context Exfiltration
Scan Target
mcp
Author
ATR Threat Cloud Crystallization
Response Actions
block outputalertsnapshot
References
OWASP Agentic
ASI08 - Data Leakage
OWASP LLM
LLM01:2025 - Prompt Injection
More Context Exfiltration Rules
ATR-2026-00020highSystem Prompt and Internal Instruction LeakageATR-2026-00021criticalCredential and Secret Exposure in Agent OutputATR-2026-00075highAgent Memory ManipulationATR-2026-00102highData Exfiltration via Disguised Analytics CollectionATR-2026-00113criticalCredential File Theft from Agent Environment