Context Assembly Pipeline Attack
Attacks targeting the system prompt assembly pipeline where individual components combine into exploitable injections
Tactic
Collection (Stage 7)
Gather and stage data from databases, file systems, and APIs
Attack Class
ASSEMBLY-INJECT
Attacks targeting the system prompt assembly process where components combine into exploitable injections
Evidence
Reproduced in controlled lab environment (DVAA) with documented steps.
DVAA Validation
Reproductions in Damn Vulnerable AI Agent, the OpenA2A intentionally-broken agent for kill-chain validation.
context-lifecycle-split-injection, context-lifecycle-displacement, context-lifecycle-priority-hijack scenarios
Evidence Source Breakdown
Evidence Timeline
HMA check LIFECYCLE-001 failed on fake-vulnerable-agent
HMA check LIFECYCLE-001 failed on fake-vulnerable-agent
HMA check LIFECYCLE-001 failed on fake-vulnerable-agent
HMA check LIFECYCLE-001 failed on fake-vulnerable-agent
HMA check LIFECYCLE-001 failed on hackmyagent-release-test-vplv
HMA check LIFECYCLE-001 failed on my-test-agent
HMA check LIFECYCLE-001 failed on test-agent
HMA check LIFECYCLE-001 failed on test-agent
HMA check LIFECYCLE-001 failed on test-agent
Detection (HackMyAgent)
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implementedDefense (OASB Controls)
How to Cite
AI Agent Threat Matrix T-7007 (Context Assembly Pipeline Attack). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-7007