Skip to content
ATR-2026-00142criticalContext Exfiltrationexperimental

Data Piggybacking via Casual Transition Words

Detects tool response piggybacking using casual transition words (oh and, P.S., BTW, interestingly, as it happens) to embed credential theft after legitimate results. Extends ATR-2026-00136 to cover 44 additional evasion variants.

嚴重度
critical
類別
Context Exfiltration
掃描目標
mcp
作者
ATR Threat Cloud Crystallization

建議回應

block outputalertsnapshot

參考資料

OWASP Agentic
ASI08 - Data Leakage
OWASP LLM
LLM01:2025 - Prompt Injection
在 GitHub 上查看完整 YAML →

更多 Context Exfiltration 規則

ATR-2026-00020highSystem Prompt and Internal Instruction LeakageATR-2026-00021criticalCredential and Secret Exposure in Agent OutputATR-2026-00075highAgent Memory ManipulationATR-2026-00102highData Exfiltration via Disguised Analytics CollectionATR-2026-00113criticalCredential File Theft from Agent Environment