# Attack Surface Map

Primary attack surfaces derived from the upstream reference analysis:

- prompt injection through direct user input
- retrieval poisoning through compromised documents/connectors
- connector over-permission and excessive data reach
- tool misuse and privilege expansion during agent execution
- identity spoofing and cross-tenant leakage through weak isolation

This map supports the retrofit control matrix and attack-handling scenarios shown on the site.