RAG Credential Harvesting

Type: technique

Description: Adversaries may attempt to use their access to a large language model (LLM) on the victim's system to collect credentials. Credentials may be stored in internal documents which can inadvertently be ingested into a RAG database, where they can ultimately be retrieved by an AI agent.

Version: 0.1.0

Created At: 2025-10-01 13:13:22 -0400

Last Modified At: 2025-10-01 13:13:22 -0400


External References

  • --> Unsecured Credentials (technique): Sub-technique of
  • --> RAG Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.
  • <-- RAG Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.
  • <-- Data Exfiltration from Slack AI via indirect prompt injection (procedure): Once a user asks a question about "EldritchNexus API key", SlackAI has access to information in their private channels. The adversary gets SlackAI to embed any found secret in a clickable link parameter [click here to reauthenticate](https://aiexecutiveorder.com?secret=confetti).