Detection Library
high · experimental · Linux · OCI · T1552.001
Linux Agent Accessing OCI CLI Config Or API Keys
Detects AI agent processes reading OCI CLI configuration files or API key material, which may indicate credential harvesting driven by goal hijacking or prompt injection.
Updated Jan 10, 2025 · OCI AI Security Team
agentic-ai · credential-access · oci-cli · api-keys · linux · oci · owasp-asi01
Problem Statement
OCI CLI configuration files contain private keys and tenancy credentials that grant broad cloud control. An AI agent reading these files outside of initialization is a strong indicator that it has been redirected to harvest credentials for use in unauthorized OCI API calls.
Sample Logs
{"timestamp":"2025-01-10T11:30:55Z","computer_name":"oci-worker-03","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.oci/config","access_type":"read"}
Required Fields
image
user
target_filename
computer_name
False Positives
- Legitimate agent code using the OCI Python SDK which reads ~/.oci/config at initialization
- Infrastructure-as-code tools (Terraform, Ansible) running under a Python wrapper
Tuning Guidance
Baseline which agent service accounts legitimately read OCI config at startup and suppress those. Alert on reads occurring mid-session or by unexpected processes.
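The tuning guidance above, sketched as triage logic over events carrying the required fields. This is an added example, not the rule's own implementation: the path globs, the baseline set, the 30-second startup window and the `process_start` enrichment field are all assumptions, and every event except the page's sample log is constructed.

```python
import json
from datetime import datetime, timedelta
from fnmatch import fnmatchcase

# Assumptions, not part of the rule: the path globs, the baseline contents,
# the 30-second startup window and the "process_start" enrichment field.
SENSITIVE_GLOBS = ("*/.oci/config", "*/.oci/*.pem")
BASELINE = {("agent_svc", "/usr/bin/python3")}  # (user, image) known to read config at init
STARTUP_WINDOW = timedelta(seconds=30)
REQUIRED = ("image", "user", "target_filename", "computer_name")
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"

def evaluate(event):
    """Classify one file-access event as ignore, suppress or alert:<reason>."""
    target = event.get("target_filename", "")
    if not any(fnmatchcase(target, glob) for glob in SENSITIVE_GLOBS):
        return "ignore"
    if event.get("access_type", "read") != "read":
        return "ignore"
    if any(not event.get(field) for field in REQUIRED):
        return "alert:incomplete_event"  # telemetry gap on a sensitive path: review it
    if (event["user"], event["image"]) not in BASELINE:
        return "alert:unexpected_process"
    seen, started = event.get("timestamp"), event.get("process_start")
    if not seen or not started:
        return "alert:start_time_unknown"  # cannot prove an init-time read, fail closed
    age = datetime.strptime(seen, TS_FORMAT) - datetime.strptime(started, TS_FORMAT)
    if timedelta(0) <= age <= STARTUP_WINDOW:
        return "suppress"  # baselined account reading config at startup
    return "alert:mid_session_read"

def run(lines):
    """Evaluate JSON-lines input and return one verdict per line."""
    return [evaluate(json.loads(line)) for line in lines]

# Constructed events. The last one is the page's sample log, unmodified.
SAMPLE_EVENTS = [
    '{"timestamp":"2025-01-10T11:30:55Z","computer_name":"oci-worker-03","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.oci/config","access_type":"read","process_start":"2025-01-10T11:30:50Z"}',
    '{"timestamp":"2025-01-10T12:05:10Z","computer_name":"oci-worker-03","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.oci/config","access_type":"read","process_start":"2025-01-10T11:30:50Z"}',
    '{"timestamp":"2025-01-10T12:05:11Z","computer_name":"oci-worker-03","user":"agent_svc","image":"/usr/bin/curl","target_filename":"/home/agent_svc/.oci/oci_api_key.pem","access_type":"read"}',
    '{"timestamp":"2025-01-10T12:05:12Z","computer_name":"oci-worker-03","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/etc/hosts","access_type":"read"}',
    '{"timestamp":"2025-01-10T11:30:55Z","computer_name":"oci-worker-03","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.oci/config","access_type":"read"}',
]

if __name__ == "__main__":
    for line, verdict in zip(SAMPLE_EVENTS, run(SAMPLE_EVENTS)):
        print(verdict, json.loads(line)["target_filename"])
```

The page's sample log alone cannot separate an initialization read from a mid-session one, so this sketch treats a missing process start time as an alert rather than suppressing it.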