agent-command-injection · tool-use · OWASP: LLM06 · MITRE: AML.T0050, AML.T0105Sandbox escape via path traversal and command chainingRun it:agent-config-manipulation · tool-use · OWASP: LLM06 · MITRE: AML.T0081Production hotfix pretext to write security-disabling configurationRun it:agent-credential-theft · tool-use · OWASP: LLM06, LLM02 · MITRE: AML.T0083, AML.T0086Security audit pretext to read credentials then exfiltrate via emailRun it:agent-data-destruction · tool-use · OWASP: LLM06 · MITRE: AML.T0101Migration cleanup pretext to delete files and drop database tablesRun it:agent-data-exfiltration · tool-use · OWASP: LLM06, LLM02 · MITRE: AML.T0086, AML.T0098DevOps monitoring pretext to read system data then POST to external endpointRun it:agent-tool-credential-harvest · tool-use · OWASP: LLM06, LLM02 · MITRE: AML.T0098Systematic credential probing across filesystem, environment, database, and cloud configsRun it:xpia-document · tool-use · OWASP: LLM01 · MITRE: AML.T0051.001Indirect prompt injection via fetched document containing hidden instructionsRun it:xpia-email · tool-use · OWASP: LLM01 · MITRE: AML.T0051.001Indirect prompt injection via email content containing hidden forwarding instructionsRun it:xpia-rag · tool-use · OWASP: LLM01 · MITRE: AML.T0051.001Indirect prompt injection via poisoned RAG knowledge base search resultRun it:agent-config-discovery · tool-use · OWASP: LLM06, LLM07 · MITRE: AML.T0084Probe model to reveal tool definitions, system prompt, and agent config filesRun it:agent-plugin-hijack · tool-use · OWASP: LLM06 · MITRE: AML.T0053, AML.T0080.002Indirect prompt injection via fetched content to trigger unauthorized tool callsRun it: