AI Agent Threat Matrix
Matrix/Reconnaissance/T-1005
T-1005validatedactive

Capability Mapping

Map the full set of agent capabilities including tools, permissions, and connected services

Tactic

Reconnaissance (Stage 1)

Map the target agent's attack surface, capabilities, and behavioral boundaries

Attack Class

MCP-EXPLOIT

Attacking Model Context Protocol server configurations, tool registrations, and inter-server trust

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

ToolBot tool catalog

Honeypot Coverage (AgentPwn)

Queued

In scope for honeypot observation; trap page or telemetry hook not yet built.

Requires fake MCP capability advertisement page.

Detection (HackMyAgent)

Live2 live · 0 queued
MCP-011MCP-001
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live1 live · 0 queued
OASB 10.5
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-1005 (Capability Mapping). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-1005
← Back to Matrix