AI Agent Threat Matrix
Matrix/Lateral Movement/T-5002
T-5002validatedactive

A2A Agent Pivoting

Pivot from a compromised agent to other agents via A2A protocol connections

Tactic

Lateral Movement (Stage 5)

Pivot from compromised agent to connected services or other agents

Attack Class

AGENT-IMPERSONATE

Impersonating trusted agents or administrative roles to gain unauthorized access

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

L4-02

Honeypot Coverage (AgentPwn)

Livea2a-attackagentpwn.com/attacks/a2a-attack

An AgentPwn trap page produces a payload tagged with this technique class. Following the AgentPwn taxonomy of trap pages shows what an agent encounters.

Detection (HackMyAgent)

Queued0 live · 2 queued
A2A-001A2A-002
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live9 live · 0 queued
OASB 10.1OASB 10.2OASB 10.3OASB 10.4OASB 10.5OASB 7.1OASB 7.2OASB 7.3OASB 7.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-5002 (A2A Agent Pivoting). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-5002
← Back to Matrix