AI Agent Threat Matrix
Matrix/Initial Access/T-2004
T-2004validated

Context Window Exploitation

Overflow or saturate the context window to displace safety instructions with attacker-controlled content

Tactic

Initial Access (Stage 2)

Gain control over agent behavior through prompt manipulation or input exploitation

Attack Class

SOUL-DRIFT

Gradually displacing safety instructions from the active context through conversation manipulation

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

L2-06

Detection (HackMyAgent)

PROMPT-001PROMPT-002
npx hackmyagent secure --ci

Defense (OASB Controls)

OASB 3.1OASB 3.2OASB 3.3OASB 3.4OASB 3.5

How to Cite

AI Agent Threat Matrix T-2004 (Context Window Exploitation). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-2004
← Back to Matrix