AI Agent Threat Matrix
Matrix/Credential Harvest/T-3003
T-3003validated

Tool Response Credential Capture

Capture credentials returned in tool or API responses that pass through the agent's context

Tactic

Credential Harvest (Stage 3)

Extract API keys, tokens, and credentials from agent context and connected services

Attack Class

RETROACTIVE-PRIV

Exploiting previously granted access or cached credentials to gain unauthorized capabilities

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

ToolBot credential responses

Detection (HackMyAgent)

CRED-001
npx hackmyagent secure --ci

Defense (OASB Controls)

OASB 5.1OASB 5.2OASB 5.3OASB 5.4OASB 5.5

How to Cite

AI Agent Threat Matrix T-3003 (Tool Response Credential Capture). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-3003
← Back to Matrix