ATR-2026-00115criticalContext Exfiltrationexperimental
Bulk Environment Variable Harvesting and Exfiltration
Detects tools or agent instructions that perform bulk extraction of environment variables and combine it with network exfiltration. Environment variables commonly hold API keys, database credentials, and service tokens. An attacker gaining access to the full environment can compromise every connected service. This rule targets both the harvesting step (printenv, process.env, os.environ) and the exfiltration step (curl, fetch, http calls) when they appear together or individually.
嚴重度
critical
類別
Context Exfiltration
掃描目標
both
作者
ATR Community
建議回應
block toolalertsnapshot
參考資料
OWASP Agentic
ASI03:2026 - Agent Identity and Access Abuse
更多 Context Exfiltration 規則
ATR-2026-00020highSystem Prompt and Internal Instruction LeakageATR-2026-00021criticalCredential and Secret Exposure in Agent OutputATR-2026-00075highAgent Memory ManipulationATR-2026-00102highData Exfiltration via Disguised Analytics CollectionATR-2026-00113criticalCredential File Theft from Agent Environment