AI Agent Threat Matrix
Matrix/Credential Harvest/T-3004
T-3004validatedactive

Memory Credential Mining

Extract credentials stored in agent memory from previous sessions or conversations

Tactic

Credential Harvest (Stage 3)

Extract API keys, tokens, and credentials from agent context and connected services

Attack Class

MEM-POISON

Injecting malicious entries into agent persistent memory to maintain control across sessions

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

L2-05

Honeypot Coverage (AgentPwn)

Queuedmemory-weaponization

In scope for honeypot observation; trap page or telemetry hook not yet built.

Detection (HackMyAgent)

Live6 live · 0 queued
MEM-001MEM-002MEM-003MEM-004MEM-005MEM-006
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live5 live · 0 queued
OASB 5.1OASB 5.2OASB 5.3OASB 5.4OASB 5.5
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-3004 (Memory Credential Mining). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-3004
← Back to Matrix