AI Agent Threat Matrix
Matrix/Impact/T-9001
T-9001validated

Data Manipulation

Modify, corrupt, or delete data in databases and file systems via agent tools

Tactic

Impact (Stage 9)

Modify data, deploy malicious code, or disrupt services

Attack Class

CODE-INJECTION

Injecting and executing arbitrary code through SQL injection, command injection, or code generation

Evidence

validated

Reproduced in controlled lab environment (DVAA) with documented steps.

DVAA Validation

ToolBot write_file, DataBot SQL

Detection (HackMyAgent)

SUPPLY-001INTEGRITY-001
npx hackmyagent secure --ci

Defense (OASB Controls)

OASB 6.1OASB 6.2OASB 6.3OASB 6.4OASB 6.5OASB 11.1OASB 11.2OASB 11.3OASB 11.4

How to Cite

AI Agent Threat Matrix T-9001 (Data Manipulation). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-9001
← Back to Matrix