Detection Library
high · experimental · Linux · AI/ML · OCI · T1552.001

LLM Service Accessing OCI Config Or API Key Material

Detects LLM service processes reading OCI configuration files or API key material. Access to these files from an LLM runtime may indicate credential harvesting triggered by a prompt injection or misconfigured model tool access.

Updated Jan 15, 2025 · Detection Engineering Team

llm · credential-access · linux · oci · owasp-llm02

Problem Statement

OCI config files contain API keys and private keys granting cloud control-plane access. An LLM service reading these files may be harvesting credentials for use by an attacker.

Sample Logs

{"timestamp":"2025-01-15T10:07:44Z","computer_name":"llm-host-02","user":"llm_svc","image":"/opt/llm/app/tool_executor.py","target_filename":"/home/opc/.oci/config","access_type":"read"}

Required Fields

image
target_filename
user
computer_name

False Positives

  • LLM tools that legitimately require OCI SDK authentication configured via the standard config file

Tuning Guidance

If the LLM service requires OCI access, use instance principal or resource principal authentication instead of file-based credentials to eliminate this signal.
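
The following sketch is an added example, not the library's own rule: it shows how the required fields could be evaluated against file-access events, including an allowlist for the false-positive case above. The LLM process identifiers (`LLM_USERS`, `LLM_IMAGE_PREFIXES`), the `allowlist` parameter, the `access_type` check and the rule name are assumptions taken from or modelled on the sample log, and all events after the first are constructed.

```python
import json
import posixpath
import re

# Assumptions (not from the page's rule): how an "LLM service process" is
# recognised. Values mirror the page's sample log; adjust per environment.
LLM_USERS = {"llm_svc"}
LLM_IMAGE_PREFIXES = ("/opt/llm/",)

# OCI SDK/CLI default config file, plus PEM key files stored beside it.
OCI_SECRET_RE = re.compile(r"/\.oci/(?:config|[^/]+\.pem)$")
REQUIRED_FIELDS = ("image", "target_filename", "user", "computer_name")

def detect(event, allowlist=frozenset()):
    """Return an alert dict for an LLM process reading OCI credentials, else None."""
    if any(not event.get(f) for f in REQUIRED_FIELDS):
        return None  # incomplete telemetry cannot be evaluated
    if event.get("access_type", "read") != "read":
        return None  # assumption: only read access is in scope
    is_llm = (event["user"] in LLM_USERS
              or event["image"].startswith(LLM_IMAGE_PREFIXES))
    # Normalise so a path such as ".../tmp/../.oci/config" still matches.
    path = posixpath.normpath(event["target_filename"])
    if not is_llm or not OCI_SECRET_RE.search(path):
        return None
    # Hypothetical tuning knob: (computer_name, image) pairs for reviewed LLM
    # tools that legitimately use file-based OCI authentication.
    if (event["computer_name"], event["image"]) in allowlist:
        return None
    return {"rule": "llm_oci_credential_read", "host": event["computer_name"],
            "user": event["user"], "image": event["image"], "target_filename": path}

# The first line is the page's sample log; the rest are constructed test events.
SAMPLE_LOGS = [
    '{"timestamp":"2025-01-15T10:07:44Z","computer_name":"llm-host-02","user":"llm_svc","image":"/opt/llm/app/tool_executor.py","target_filename":"/home/opc/.oci/config","access_type":"read"}',
    '{"computer_name":"llm-host-02","user":"llm_svc","image":"/opt/llm/app/tool_executor.py","target_filename":"/home/opc/tmp/../.oci/oci_api_key.pem","access_type":"read"}',
    '{"computer_name":"llm-host-02","user":"llm_svc","image":"/opt/llm/app/server.py","target_filename":"/opt/llm/models/config","access_type":"read"}',
    '{"computer_name":"llm-host-02","user":"opc","image":"/usr/bin/oci","target_filename":"/home/opc/.oci/config","access_type":"read"}',
    '{"computer_name":"llm-host-02","user":"llm_svc","target_filename":"/home/opc/.oci/config"}',
]

def run(logs=SAMPLE_LOGS, allowlist=frozenset()):
    alerts = (detect(json.loads(line), allowlist) for line in logs)
    return [a for a in alerts if a]

if __name__ == "__main__":
    for alert in run():
        print(json.dumps(alert))
```

Only the first two events alert: the third reads a non-credential file, the fourth is a non-LLM process, and the fifth lacks the `image` field.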