AI Agent Threat Matrix
Matrix/Reconnaissance/T-1002
T-1002validated

Tool Discovery

Enumerate available tools and their schemas via MCP tools/list or equivalent discovery endpoints

Tactic

Reconnaissance (Stage 1)

Map the target agent's attack surface, capabilities, and behavioral boundaries

Attack Class

MCP-EXPLOIT

Attacking Model Context Protocol server configurations, tool registrations, and inter-server trust

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

ToolBot tools/list

Detection (HackMyAgent)

MCP-011
npx hackmyagent secure --ci

Defense (OASB Controls)

OASB 10.5

How to Cite

AI Agent Threat Matrix T-1002 (Tool Discovery). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-1002
← Back to Matrix