AI Agent Threat Matrix
Matrix/Impact/T-9003
T-9003observedactive

Malicious Code Deployment

Deploy malicious code or backdoors through agent code execution capabilities

Tactic

Impact (Stage 9)

Modify data, deploy malicious code, or disrupt services

Attack Class

HEARTBEAT-RCE

Exploiting scheduled task or heartbeat mechanisms to achieve persistent code execution

Evidence

observed

Confirmed in real-world production systems or internet-wide exposure assessments.

DVAA Validation

backdoor deployment

Honeypot Coverage (AgentPwn)

Out of scope

Not observable via content-side honeypot interaction. HackMyAgent or DVAA cover this where applicable.

No code execution path on the honeypot.

Detection (HackMyAgent)

Live2 live · 0 queued
SUPPLY-001HEARTBEAT-001
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live5 live · 4 queued
OASB 6.1OASB 6.2OASB 6.3OASB 6.4OASB 6.5OASB 11.1OASB 11.2OASB 11.3OASB 11.4
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-9003 (Malicious Code Deployment). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-9003
← Back to Matrix