AI Agent Threat Matrix
Matrix/Initial Access/T-2006
T-2006observed

Unicode/Encoding Bypass

Use Unicode homoglyphs, invisible characters, or encoding tricks to bypass input filters and inject instructions

Tactic

Initial Access (Stage 2)

Gain control over agent behavior through prompt manipulation or input exploitation

Attack Class

UNICODE-STEGO

Using invisible Unicode characters, homoglyphs, and encoding tricks to bypass filters

Evidence

observed

Confirmed in real-world production systems or internet-wide exposure assessments.

DVAA Validation

token-smuggling-unicode

Detection (HackMyAgent)

UNICODE-STEGO-001UNICODE-STEGO-002UNICODE-STEGO-003UNICODE-STEGO-004UNICODE-STEGO-005
npx hackmyagent secure --ci

Defense (OASB Controls)

OASB 3.1OASB 3.2OASB 3.3OASB 3.4OASB 3.5

How to Cite

AI Agent Threat Matrix T-2006 (Unicode/Encoding Bypass). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-2006
← Back to Matrix