
DE-011 PII Extraction

Data Exfiltration: Attempts to extract sensitive information from the agent

Description

Attempts to extract personally identifiable information (PII).

Remediation

Implement PII detection and filtering. Do not aggregate or output PII.
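
One way to apply this remediation on the output side, shown as an added example that is not part of hackmyagent or the original page. The function names, the three patterns and the MAX_PII_ITEMS threshold are assumptions chosen for illustration; the sample reply is constructed.

```javascript
// Added example: output-side PII filter for an agent reply (all names hypothetical).
const PATTERNS = {
  email: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g,
  ssn: /\b\d{3}-\d{2}-\d{4}\b/g,       // US SSN, dashed form only
  card: /\b\d(?:[ -]?\d){12,18}\b/g,    // 13-19 digits, optional separators
};

// Luhn checksum keeps order numbers and timestamps from being flagged as cards.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Redact every match and count findings per PII type.
function redactPII(text) {
  const counts = {};
  let out = text;
  for (const [type, re] of Object.entries(PATTERNS)) {
    out = out.replace(re, (m) => {
      if (type === 'card' && !luhnValid(m.replace(/\D/g, ''))) return m;
      counts[type] = (counts[type] || 0) + 1;
      return `[REDACTED_${type.toUpperCase()}]`;
    });
  }
  return { text: out, counts };
}

// Assumed policy: more than MAX_PII_ITEMS values in one reply counts as
// aggregation, and the whole reply is withheld instead of redacted.
const MAX_PII_ITEMS = 3;
function filterAgentOutput(text) {
  const { text: redacted, counts } = redactPII(text);
  const total = Object.values(counts).reduce((a, b) => a + b, 0);
  if (total > MAX_PII_ITEMS) {
    return { blocked: true, text: 'Response withheld: contains aggregated personal data.', counts };
  }
  return { blocked: false, text: redacted, counts };
}

// Constructed sample reply; the 13-digit order number fails Luhn and is kept.
const sample = 'Contact jane.doe@example.com, SSN 123-45-6789, card 4111 1111 1111 1111, order 1234567890123.';
console.log(filterAgentOutput(sample));
```

Regex matching only covers well-formatted identifiers; names, addresses and free-text PII need a dedicated detector in front of or alongside this filter.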

Severity

CRITICAL

OASB Control

4.3

CWE

CWE-359

Run this test

$ npx hackmyagent attack --payload DE-011