T-5001validatedactive
SSRF via Tool
Use agent tools to make server-side requests to internal services not directly accessible
Tactic
Lateral Movement (Stage 5)
Pivot from compromised agent to connected services or other agents
Attack Class
SKILL-EXFIL
Using legitimate tool capabilities for unauthorized data transfer
Evidence
validated
Reproduced in controlled lab environment (DVAA) with documented steps.
DVAA Validation
L3-02
Honeypot Coverage (AgentPwn)
Queued
In scope for honeypot observation; trap page or telemetry hook not yet built.
Adjacent to capability-abuse tier; trap fixture not yet wired.
Detection (HackMyAgent)
Live4 live · 0 queued
NET-001NET-002NET-003MCP-001
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implementedDefense (OASB Controls)
Live9 live · 0 queued
How to Cite
AI Agent Threat Matrix T-5001 (SSRF via Tool). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-5001