AI Agent Threat Matrix
Matrix/Collection/T-7006
T-7006validatedactive

PII Discovery

Discover and extract personally identifiable information from RAG stores and agent data sources

Tactic

Collection (Stage 7)

Gather and stage data from databases, file systems, and APIs

Attack Class

RAG-POISON

Injecting malicious content into retrieval-augmented generation data sources

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

LegacyBot PII leak

Honeypot Coverage (AgentPwn)

Queued

In scope for honeypot observation; trap page or telemetry hook not yet built.

Adjacent to data-exfiltration tiers; specific PII trap fixtures not yet wired.

Detection (HackMyAgent)

Live4 live · 0 queued
RAG-001RAG-002RAG-003RAG-004
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live4 live · 0 queued
OASB 4.1OASB 4.2OASB 4.3OASB 4.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-7006 (PII Discovery). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-7006
← Back to Matrix