Skip to content
ATR-2026-00093criticalPrompt Injectiondraft

Gradual Capability Escalation via Incremental Introduction

Detects attacks that use gradual, sub-threshold capability introductions to evade behavioral fingerprinting and whitelist-based security systems. Attackers incrementally expand agent permissions, register small capability additions across version updates, or slowly shift the behavioral baseline to normalize malicious functionality.

嚴重度
critical
類別
Prompt Injection
掃描目標
mcp
作者
ATR Community (MiroFish Predicted)

建議回應

block inputquarantine sessionalertescalatekill agent

參考資料

MITRE ATLAS
AML.T0051
在 GitHub 上查看完整 YAML →

更多 Prompt Injection 規則

ATR-2026-00001highDirect Prompt Injection via User InputATR-2026-00002highIndirect Prompt Injection via External ContentATR-2026-00003highJailbreak Attempt DetectionATR-2026-00004criticalSystem Prompt Override AttemptATR-2026-00005mediumMulti-Turn Prompt Injection