feat(knowledge): add MITRE ATLAS IDs to OWASP files + Norwegian regulatory context

This commit is contained in:
Kjell Tore Guttormsen 2026-04-10 12:49:10 +02:00
commit e2c8924074
8 changed files with 301 additions and 30 deletions


@ -10,6 +10,8 @@ Full taxonomy of AI agent traps from Google DeepMind's "AI Agent Traps" paper (A
## Category 1: Content Injection
**MITRE ATLAS:** AML.T0051 (LLM Prompt Injection), AML.T0043 (Craft Adversarial Data)
Attacks that embed malicious instructions in content the agent reads or processes.
### 1a. Steganography
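Review bot: the added line `**MITRE ATLAS:** AML.T0051 (LLM Prompt Injection), AML.T0043 (Craft Adversarial Data)` cites technique IDs and names with no indication of which ATLAS release they were taken from, and the same holds for every mapping line added in this file. Technique IDs and names change between ATLAS releases, so add a single version reference (or a link to the technique pages) near the top of the file, next to the existing paper reference in the hunk context, so a reader can check the mapping against the right release.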
@ -41,6 +43,8 @@ Instructions hidden in structural elements of content formats.
## Category 2: Semantic Manipulation
**MITRE ATLAS:** AML.T0051 (LLM Prompt Injection)
Attacks that manipulate the agent's reasoning without direct injection.
### 2a. Oversight Evasion
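Review bot: the mapping for Category 2 reads as a contradiction of its own description: `Attacks that manipulate the agent's reasoning without direct injection.` is paired with only `AML.T0051 (LLM Prompt Injection)`. Either state in the line why semantic manipulation is still classed under prompt injection (for example, that it is treated as an indirect form of it) or, if no closer ATLAS technique exists, say so explicitly, so the mapping does not look like an error.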
@ -72,6 +76,8 @@ Subtle reframing that overrides rules without explicit override language.
## Category 3: Context Manipulation
**MITRE ATLAS:** AML.T0058 (AI Agent Context Poisoning), AML.T0020 (Poison Training Data)
Attacks that poison the agent's memory or persistent state.
| Technique | Description | Plugin Coverage |
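Review bot: the second ID, `AML.T0020 (Poison Training Data)`, names a training-time technique, while the category description `Attacks that poison the agent's memory or persistent state.` is about runtime state; as written the two do not line up. If the intent is that poisoned memory can later flow into fine-tuning data, put that rationale in the line; otherwise keep only `AML.T0058 (AI Agent Context Poisoning)`, which matches the description directly.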
@ -89,6 +95,8 @@ Attacks that poison the agent's memory or persistent state.
## Category 4: Multi-Agent Exploitation
**MITRE ATLAS:** AML.T0062 (Exfiltration via AI Agent Tool Invocation), AML.T0061 (AI Agent Tools)
Attacks that exploit trust relationships between agents in multi-agent systems.
| Technique | Description | Plugin Coverage |
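Review bot: neither `AML.T0062 (Exfiltration via AI Agent Tool Invocation)` nor `AML.T0061 (AI Agent Tools)` describes trust between agents, which is what `Attacks that exploit trust relationships between agents in multi-agent systems.` is about; the first is one possible outcome and the second is a target, not the exploitation itself. Since this section is a table with a `Technique` column, consider adding a per-row `MITRE ATLAS` column instead of one category-level line, so each technique carries its own, tighter mapping.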
@ -103,6 +111,8 @@ Attacks that exploit trust relationships between agents in multi-agent systems.
## Category 5: Capability Manipulation
**MITRE ATLAS:** AML.T0061 (AI Agent Tools), AML.T0010 (ML Supply Chain Compromise)
Attacks that cause the agent to misuse its own tools or escalate privileges.
| Technique | Description | Plugin Coverage |
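Review bot: `AML.T0061 (AI Agent Tools)` is now cited for both Category 4 and Category 5, so it no longer distinguishes multi-agent exploitation from capability manipulation; add a short qualifier saying which aspect applies here, or drop it from one of the two categories. Separately, `AML.T0010 (ML Supply Chain Compromise)` suggests compromise of a tool before it is installed, whereas the description `Attacks that cause the agent to misuse its own tools or escalate privileges.` is about runtime misuse; if supply-chain compromise of tools is the intended scope, say so in the line.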
@ -117,6 +127,8 @@ Attacks that cause the agent to misuse its own tools or escalate privileges.
## Category 6: Human-in-the-Loop Exploitation
**MITRE ATLAS:** AML.T0043 (Craft Adversarial Data)
Attacks that exploit the human review step in agent workflows.
| Technique | Description | Plugin Coverage |
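Review bot: `AML.T0043 (Craft Adversarial Data)` is the only mapping given for `Attacks that exploit the human review step in agent workflows.`, and it is already used as the second ID in Category 1; crafting adversarial data is a means, not the abuse of the human-approval step that this category describes. State in the line that no closer ATLAS technique was found, or leave the mapping out for this category rather than assign a loose one that blurs it with Category 1.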