AI Agent Tool Credential Harvesting

Type: technique

Description: Adversaries may attempt to use their access to an AI agent on the victim's system to retrieve data from available agent tools to collect credentials. Agent tools may connect to a wide range of sources that may contain credentials including document stores (such as SharePoint, OneDrive or Google Drive), code repositories (such as GitHub or GitLab), or enterprise productivity tools (such as email providers or Slack), and local notetaking tools (such as Obsidian or Apple Notes).

Version: 0.1.0

Created At: 2025-12-22 07:58:23 -0500

Last Modified At: 2025-12-22 07:58:23 -0500

External References

--> Unsecured Credentials (technique): Sub-technique of
<-- AI Agent Tool Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.

AI Agents Attack Matrix

AI Agent Tool Credential Harvesting

External References

Related Objects

Related Frameworks