Data Exfiltration
Data exfiltration in agentic systems occurs when an agent sends sensitive information, such as API keys, source code, customer data, or environment variables, to unauthorized external destinations. It happens through prompt injection (a malicious instruction tells the agent to include secrets in an outbound tool call), through tool misuse (the agent includes sensitive data in a response), or through context leakage (conversation history containing secrets reaches an unintended party). The risk increases sharply in agentic coding tools because they typically have access to the full project environment, including .env files, git history, and production credentials. Defending against exfiltration therefore requires output filtering, network-level controls on which endpoints agents can reach, and secret management practices that keep sensitive values out of agent-accessible paths.
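The following is an added example (not code from the original page) of the first two defenses named above: an egress check that sits between the agent and its outbound tool calls, enforcing a host allowlist and scanning the payload for secret material, plus a redaction helper for agent responses. The environment values, allowed hosts, and key patterns are constructed placeholders chosen for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: values an agent could read from a project .env file
# (placeholders, not real credentials). In practice load these from the
# secret store or process environment at the time the check runs.
SAMPLE_ENV = {
    "OPENAI_API_KEY": "sk-EXAMPLEexampleEXAMPLE1234567890abcd",
    "DB_PASSWORD": "example-db-password-1",
}
# Constructed allowlist: the only hosts the agent's tools may contact.
ALLOWED_HOSTS = {"api.github.com", "registry.npmjs.org"}

# Shape-based patterns catch secrets that are not in the known-value list.
SECRET_PATTERNS = [
    re.compile(r"\bsk-[A-Za-z0-9]{20,}\b"),              # OpenAI-style key
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),                  # AWS access key id
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),    # PEM private key
]

def find_leaks(text, env=SAMPLE_ENV):
    """Return labels for every known secret value or secret-shaped string in text."""
    findings = [f"env:{name}" for name, value in env.items() if value and value in text]
    findings += [f"pattern:{p.pattern}" for p in SECRET_PATTERNS if p.search(text)]
    return findings

def check_outbound_call(url, body, allowed_hosts=ALLOWED_HOSTS, env=SAMPLE_ENV):
    """Decide whether an agent's outbound tool call may proceed.

    Network control first: urlparse().hostname strips userinfo and port, so a
    URL like https://api.github.com@evil.example/ resolves to evil.example and
    is rejected rather than matching the allowlisted prefix.
    """
    host = urlparse(url).hostname or ""
    if host not in allowed_hosts:
        return {"allowed": False, "reason": f"host not in allowlist: {host}", "findings": []}
    findings = find_leaks(body, env)
    if findings:
        return {"allowed": False, "reason": "secret material in outbound payload",
                "findings": findings}
    return {"allowed": True, "reason": "ok", "findings": []}

def redact(text, env=SAMPLE_ENV):
    """Output filter for agent responses: replace known values, then secret-shaped strings."""
    for name, value in env.items():
        if value:
            text = text.replace(value, f"<REDACTED:{name}>")
    for pat in SECRET_PATTERNS:
        text = pat.sub("<REDACTED>", text)
    return text
```

Logging the `findings` list (without the matched values themselves) gives the detection signal that a prompt injection or tool misuse attempted to move a secret, which is worth alerting on even when the call was blocked.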