T-3001observed
System Prompt Credential Extraction
Extract credentials hardcoded or referenced in the agent's system prompt
Tactic
Credential Harvest (Stage 3)
Extract API keys, tokens, and credentials from agent context and connected services
Attack Class
RETROACTIVE-PRIV
Exploiting previously granted access or cached credentials to gain unauthorized capabilities
Evidence
observed
Confirmed in real-world production systems or internet-wide exposure assessments.
DVAA Validation
L1-02
Detection (HackMyAgent)
CRED-001CRED-002CRED-003CRED-004
npx hackmyagent secure --ciDefense (OASB Controls)
OASB 5.1OASB 5.2OASB 5.3OASB 5.4OASB 5.5
How to Cite
AI Agent Threat Matrix T-3001 (System Prompt Credential Extraction). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-3001