ATR-2026-00021 · critical · Context Exfiltration · experimental

Credential and Secret Exposure in Agent Output

Detects when an AI agent exposes API keys, secret tokens, private keys, database connection strings, JWTs, or other sensitive credentials in its output. Covers the major cloud provider key formats, CI/CD tokens, payment processor keys, SSH keys, .env file content patterns, and generic secret assignment patterns. Credential leakage in agent output is a critical risk: a leaked credential gives an attacker unauthorized access and a foothold for lateral movement, and can lead to financial loss and full account compromise.
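The following is an added example of how a detector for this rule can be structured; it is not the ATR project's own code. The regexes, the `Finding`/verdict shapes, the `_mask` helper and the sample agent outputs are this example's assumptions (the key prefixes themselves are the publicly documented formats). It scans agent output for the credential classes the description lists, returns masked findings so the alert itself does not re-leak the secret, handles a PEM block that was truncated mid-stream, and maps any hit to the rule's recommended response (block output, escalate, alert, snapshot).

```python
# Added example, not part of the ATR rule or project. Patterns and samples are
# this example's own assumptions; key prefixes follow the vendors' public formats.
import re
from dataclasses import dataclass

# Illustrative coverage only; a production rule set is far longer.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "stripe_live_secret": re.compile(r"\bsk_live_[0-9a-zA-Z]{24,}\b"),
    "slack_token": re.compile(r"\bxox[baprs]-[A-Za-z0-9-]{10,}"),
    # Whole PEM block when the END marker is present; the header alone still
    # matches when a streamed output was cut off in the middle of the key.
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"
        r"(?:[\s\S]*?-----END (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----)?"
    ),
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+"),
    # scheme://user:password@host/... with an embedded password
    "db_connection_string": re.compile(
        r"\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp)://[^\s:/@]+:[^\s@]+@\S+"
    ),
    # .env style line: UPPER_CASE_NAME containing a secret-ish word, then =value
    "dotenv_assignment": re.compile(
        r"(?m)^\s*(?:export\s+)?[A-Z][A-Z0-9_]*(?:KEY|SECRET|TOKEN|PASSWORD|PASS)[A-Z0-9_]*\s*=\s*\S+"
    ),
    # Generic "api_key: <value>" / "password = <value>"; group 1 is the value.
    "generic_secret_assignment": re.compile(
        r"(?i)(?:api[_-]?key|secret|token|password|passwd)\s*[:=]\s*['\"]?([A-Za-z0-9_\-./+=]{16,})"
    ),
}

# Recommended response taken from the rule's metadata.
RECOMMENDED_RESPONSE = ["block output", "escalate", "alert", "snapshot"]


@dataclass
class Finding:
    kind: str
    start: int
    end: int
    preview: str  # masked; the full secret must never travel into alerts or logs


def _mask(secret: str) -> str:
    """Keep a short prefix so an analyst can recognise the format without re-leaking it."""
    return f"{secret[:4]}...({len(secret)} chars)" if len(secret) > 8 else "***"


def scan(text: str) -> list[Finding]:
    """Return every credential match in the agent output, ordered by position."""
    findings = []
    for kind, pattern in SECRET_PATTERNS.items():
        for m in pattern.finditer(text):
            findings.append(Finding(kind, m.start(), m.end(), _mask(m.group(0))))
    return sorted(findings, key=lambda f: (f.start, f.end))


def redact(text: str) -> str:
    """Replace each secret with a marker; keep the 'api_key=' prefix when a pattern isolates the value."""
    for kind, pattern in SECRET_PATTERNS.items():
        def repl(m, kind=kind):
            if m.lastindex:  # value captured in group 1: drop only the value
                return m.group(0)[: m.start(1) - m.start()] + f"[REDACTED:{kind}]"
            return f"[REDACTED:{kind}]"
        text = pattern.sub(repl, text)
    return text


def evaluate(agent_output: str) -> dict:
    """Map scan results onto the rule's verdict: allow clean output, block anything with a hit."""
    findings = scan(agent_output)
    if not findings:
        return {"action": "allow", "kinds": [], "findings": [], "output": agent_output}
    return {
        "action": "block",
        "severity": "critical",
        "kinds": sorted({f.kind for f in findings}),
        "findings": [f"{f.kind}@{f.start}: {f.preview}" for f in findings],
        "response": RECOMMENDED_RESPONSE,
        "output": redact(agent_output),  # safe to attach to the alert/snapshot
    }


# Constructed sample agent outputs (the AWS value is AWS's documented example key).
SAMPLE_OUTPUTS = {
    "aws_dotenv": "Sure, here is the .env you asked for:\nAWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n",
    "jwt": "Your session token is eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
    "pem_truncated": "Here is the key:\n-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA7",  # cut off mid-stream
    "db_url": "Use postgres://app_user:S3cr3tP%40ss@db.internal:5432/orders to connect.",
    "generic": 'Set OPENAI_API_KEY="sk-proj-abcdefghijklmnopqrstuvwxyz0123456789" in your shell.',
    "benign": "The deployment finished; the service is healthy on all three nodes.",
}

if __name__ == "__main__":
    for name, text in SAMPLE_OUTPUTS.items():
        verdict = evaluate(text)
        print(f"{name:14s} {verdict['action']:5s} {verdict['kinds']}")
```

Two practitioner caveats the rule text implies but does not spell out: prefix-based patterns miss unprefixed secrets (a bare 32-hex-character token passes unless the generic assignment rule catches the surrounding `key=`), so pair them with an entropy check or a hash allowlist of known test fixtures to cut false positives; and the finding that reaches the alert or snapshot must carry only the masked preview and the redacted output, otherwise the detection pipeline becomes a second exfiltration channel for the same credential.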

Severity
critical
Category
Context Exfiltration
Scan target
mcp
Author
ATR Community

Recommended response

block output, escalate, alert, snapshot

References

OWASP Agentic
ASI03:2026 - Identity and Privilege Abuse
OWASP LLM
LLM02:2025 - Sensitive Information Disclosure
LLM07:2025 - System Prompt Leakage
MITRE ATLAS
AML.T0057 - LLM Data Leakage
AML.T0055 - Unsecured Credentials