AI Agent Threat Matrix
Matrix/Reconnaissance/T-1004
T-1004validatedactive

Security Level Probing

Probe the agent to determine its security posture, guardrails, and content filtering strength

Tactic

Reconnaissance (Stage 1)

Map the target agent's attack surface, capabilities, and behavioral boundaries

Attack Class

RETROACTIVE-PRIV

Exploiting previously granted access or cached credentials to gain unauthorized capabilities

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

Probing agents

Honeypot Coverage (AgentPwn)

Out of scope

Not observable via content-side honeypot interaction. HackMyAgent or DVAA cover this where applicable.

Active probing of agent internals, not a content-side trap.

Detection (HackMyAgent)

Live1 live · 0 queued
WEBEXPOSE-001
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live4 live · 0 queued
OASB 1.1OASB 1.2OASB 1.3OASB 1.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-1004 (Security Level Probing). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-1004
← Back to Matrix