4. Metadata Leakage via Unfiltered Response Logs
4. Metadata Leakage via Unfiltered Response Logs
Attack: Sensitive internal IPs, API tokens, or infrastructure references leak through response fields or stack traces returned to the agent.
Example Leak:
"error": "Connection refused at 10.2.0.4:9200"
Mitigation:
- Scrub all outbound responses (especially on error paths)
- Mask IPs, ports, headers, internal stack info
- Log to secure sinks with masking in place