AI Agent Threat Matrix
Matrix/Privilege Escalation/T-4003
T-4003validatedactive

Tool Parameter Injection

Inject malicious parameters into tool calls to escalate privileges or bypass validation

Tactic

Privilege Escalation (Stage 4)

Escalate capabilities beyond declared scope or bypass authorization

Attack Class

MCP-EXPLOIT

Attacking Model Context Protocol server configurations, tool registrations, and inter-server trust

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

MCP parameter injection

Honeypot Coverage (AgentPwn)

Livemcp-exploitationagentpwn.com/attacks/mcp-exploitation

An AgentPwn trap page produces a payload tagged with this technique class. Following the AgentPwn taxonomy of trap pages shows what an agent encounters.

Detection (HackMyAgent)

Live1 live · 0 queued
PERM-001
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live5 live · 0 queued
OASB 2.1OASB 2.2OASB 2.3OASB 2.4OASB 2.5
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-4003 (Tool Parameter Injection). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-4003
← Back to Matrix