Skip to content

Hide Navigation Hide TOC

Schema-Description Contradiction Attack - ATR-2026-00106 (3b1620ee-4c7a-5bcd-a494-20d7ab07ff87)

Detects tools that claim read-only or safe functionality in their description but expose write-capable or dangerous parameters in their schema. This attack technique uses misleading descriptions to pass security review while the actual schema enables destructive operations. Example: a "safe_query" tool claiming "read-only database query" while exposing a "write_mode" parameter defaulting to true.

Cluster A Galaxy A Cluster B Galaxy B Level
LLM Plugin Compromise (adbb0dd5-ff66-4b2f-869f-bfb3fdb45fc8) MITRE ATLAS Attack Pattern Schema-Description Contradiction Attack - ATR-2026-00106 (3b1620ee-4c7a-5bcd-a494-20d7ab07ff87) Agent Threat Rules 1