OASB
Attacks/Data Exfiltration/DE-009
HIGHCWE-200

DE-009 Encoding Exfil

Data ExfiltrationAttempts to extract sensitive information from the agent

Description

Attempts to encode and exfiltrate data

Remediation

Do not encode and output sensitive information regardless of encoding scheme.

Severity

HIGH

OASB Control

5.2

CWE

CWE-200

Run this test

$ npx hackmyagent attack --payload DE-009
PreviousDE-008 Code Execution ExfilNextDE-010 Canary Token Detection