Detection Library
high · experimental · Linux · AI/ML · OCI · T1059.004 · T1083

LLM Service Calling OCI CLI After Prompt Handling

Detects an LLM service process spawning the OCI CLI binary. This indicates that a prompt may have caused the model to issue cloud control-plane commands, enabling resource enumeration, data access, or privilege abuse via the OCI API.

Updated Jan 15, 2025 · Detection Engineering Team

llm · prompt-injection · linux · oci · owasp-llm01

Problem Statement

An LLM service invoking the OCI CLI suggests the model output or an injected prompt triggered cloud API calls, potentially enabling reconnaissance or resource abuse.

Sample Logs

{"timestamp":"2025-01-15T11:02:45Z","computer_name":"llm-host-02","user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci compute instance list --compartment-id ocid1.compartment.oc1..xxx","parent_image":"/opt/llm/app/inference.py"}

Required Fields

image
command_line
parent_image
user
computer_name

False Positives

  • Legitimate LLM tools that intentionally wrap the OCI CLI for infrastructure queries
  • Approved agentic workflows with explicit OCI tool bindings

Tuning Guidance

Baseline expected OCI CLI sub-commands for the service. Alert on destructive or IAM sub-commands (iam, policy, instance terminate) with higher priority.
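
The tuning guidance above, sketched as triage logic over events in the sample log format. This is an added example, not the library's own rule. The /opt/llm/ parent prefix, the one-entry baseline, the verdict labels and every event after the first are assumptions constructed for illustration.

```python
import json
import shlex
from itertools import takewhile
from pathlib import PurePosixPath

# Assumptions for this sketch: the service's code lives under /opt/llm/ and
# only "compute instance list" has been baselined as expected.
LLM_PARENT_PREFIXES = ("/opt/llm/",)
BASELINE = {("compute", "instance", "list")}
# Taken from the tuning guidance: iam, policy, instance terminate.
PRIORITY_WORDS = {"iam", "policy", "terminate"}

def split_args(command_line):
    """Return the arguments after the binary name."""
    try:
        return shlex.split(command_line)[1:]
    except ValueError:  # unbalanced quotes: fall back to a whitespace split
        return command_line.split()[1:]

def triage(event):
    """Return None (rule does not match), 'baseline', 'alert' or 'priority'."""
    if PurePosixPath(event.get("image", "")).name != "oci":
        return None
    if not event.get("parent_image", "").startswith(LLM_PARENT_PREFIXES):
        return None
    args = split_args(event.get("command_line", ""))
    # Check every non-option token, so a global option placed before the
    # sub-command cannot hide an IAM or terminate call. An option value that
    # happens to equal one of these words also escalates (errs toward review).
    if PRIORITY_WORDS & {a.lower() for a in args if not a.startswith("-")}:
        return "priority"
    # Sub-command = leading words up to the first option flag; if an option
    # comes first this is empty, which is never in the baseline.
    sub = tuple(a.lower() for a in takewhile(lambda a: not a.startswith("-"), args))
    return "baseline" if sub in BASELINE else "alert"

# Constructed sample events; the first mirrors the sample log on this page.
SAMPLE_EVENTS = [json.loads(line) for line in """
{"user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci compute instance list --compartment-id ocid1.compartment.oc1..xxx","parent_image":"/opt/llm/app/inference.py"}
{"user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci iam policy list --compartment-id ocid1.compartment.oc1..example","parent_image":"/opt/llm/app/inference.py"}
{"user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci --profile DEFAULT compute instance terminate --instance-id ocid1.instance.oc1..example","parent_image":"/opt/llm/app/inference.py"}
{"user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci os object list --bucket-name example-bucket","parent_image":"/opt/llm/app/inference.py"}
{"user":"ops","image":"/usr/local/bin/oci","command_line":"oci iam user list","parent_image":"/usr/bin/bash"}
""".strip().splitlines()]

def run():
    return [triage(e) for e in SAMPLE_EVENTS]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, run()):
        print(verdict, "|", event["command_line"])
```

Whether a baselined sub-command is suppressed or only lowered in severity is a local decision; the sketch labels it so either choice can be made downstream.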