AI Agent Threat Matrix
Matrix/Exfiltration/T-8002
T-8002validatedactive

HTTP Callback

Exfiltrate data via HTTP POST requests to attacker-controlled endpoints

Tactic

Exfiltration (Stage 8)

Transfer collected data out of target environment

Attack Class

SKILL-EXFIL

Using legitimate tool capabilities for unauthorized data transfer

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

Reproductions in Damn Vulnerable AI Agent, the OpenA2A intentionally-broken agent for kill-chain validation.

ToolBot fetch_url POST

Honeypot Coverage (AgentPwn)

Livedata-exfiltrationagentpwn.com/attacks/data-exfiltration

An AgentPwn trap page produces a payload tagged with this technique class. Following the AgentPwn taxonomy of trap pages shows what an agent encounters.

AgentPwn's primary signal: payload callback fire.

Detection (HackMyAgent)

Live5 live · 0 queued
NET-001SANDBOX-001SANDBOX-002SANDBOX-003SANDBOX-004
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live1 live · 0 queued
OASB 4.3
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-8002 (HTTP Callback). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-8002
← Back to Matrix