AI Agent Threat Matrix
Matrix/Collection/T-7001
T-7001validatedactive

File System Enumeration

Enumerate and read files from the agent's accessible file system via path traversal or tool access

Tactic

Collection (Stage 7)

Gather and stage data from databases, file systems, and APIs

Attack Class

NEMO-SANDBOX-ESCAPE

Breaking out of agent sandbox restrictions to access the underlying file system or OS

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

ToolBot path traversal

Honeypot Coverage (AgentPwn)

Out of scope

Not observable via content-side honeypot interaction. HackMyAgent or DVAA cover this where applicable.

DVAA covers; not a content-side honeypot signal.

Detection (HackMyAgent)

Live1 live · 3 queued
IO-001IO-002IO-003IO-004
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live4 live · 0 queued
OASB 4.1OASB 4.2OASB 4.3OASB 4.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-7001 (File System Enumeration). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-7001
← Back to Matrix