AI Agent Threat Matrix
Matrix/Collection/T-7002
T-7002validatedactive

Database Extraction

Extract data from databases via SQL injection or authorized database tool access

Tactic

Collection (Stage 7)

Gather and stage data from databases, file systems, and APIs

Attack Class

CODE-INJECTION

Injecting and executing arbitrary code through SQL injection, command injection, or code generation

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

DataBot SQL injection

Honeypot Coverage (AgentPwn)

Out of scope

Not observable via content-side honeypot interaction. HackMyAgent or DVAA cover this where applicable.

Detection (HackMyAgent)

Live3 live · 1 queued
IO-001INJ-001INJ-002INJ-003
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live4 live · 0 queued
OASB 4.1OASB 4.2OASB 4.3OASB 4.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-7002 (Database Extraction). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-7002
← Back to Matrix