Credentials from AI Agent Configuration
Type: technique
Description: Adversaries may access the credentials of other tools or services on a system from the configuration of an AI agent. AI agents often utilize external tools or services to take actions.
AI Agents often utilize external tools or services to take actions, such as querying databases, invoking APIs, or interacting with cloud resources. To enable these functions, credentials like API keys, tokens, and connection strings are frequently stored in configuration files. While there are secure methods such as dedicated secret managers or encrypted vaults that can be deployed to store and manage these credentials, in practice they are often placed in less protected locations for convenience or ease of deployment. If an attacker can read or extract these configurations, they may obtain valid credentials that allow direct access to sensitive systems outside the agent itself.
Version: 0.1.0
Created At: 2025-10-01 13:13:22 -0400
Last Modified At: 2025-10-01 13:13:22 -0400
External References
Related Objects
- --> Credential Access (tactic): Extracting hardcoded or misconfigured credentials from AI agent settings or configuration files.