AI Agent Threat Matrix
Matrix/Collection/T-7003
T-7003validatedactive1 evidence record

API Data Harvesting

Harvest data from connected APIs using the agent's authorized tool access

Tactic

Collection (Stage 7)

Gather and stage data from databases, file systems, and APIs

Attack Class

SKILL-EXFIL

Using legitimate tool capabilities for unauthorized data transfer

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

Reproductions in Damn Vulnerable AI Agent, the OpenA2A intentionally-broken agent for kill-chain validation.

API credential harvesting

Honeypot Coverage (AgentPwn)

Livedata-exfiltrationagentpwn.com/attacks/data-exfiltration

An AgentPwn trap page produces a payload tagged with this technique class. Following the AgentPwn taxonomy of trap pages shows what an agent encounters.

Evidence Source Breakdown

Shodan
1 record

Evidence Timeline

Shodan

740 unauthenticated MLflow tracking servers discovered allowing unrestricted API data harvesting

Mar 20, 2026View source

Detection (HackMyAgent)

Live1 live · 3 queued
IO-001IO-002IO-003IO-004
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live4 live · 0 queued
OASB 4.1OASB 4.2OASB 4.3OASB 4.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-7003 (API Data Harvesting). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-7003
← Back to Matrix