"ATX-1 v2.2: AEGIS Threat Matrix for Agentic AI Systems"

"ATX-1 (AEGIS Threat Matrix) v2.2 is a structured adversarial knowledge base for autonomous AI agent behavior. It fills the gap between MITRE ATT&CK (human adversaries attacking systems) and MITRE ATLAS (adversaries attacking AI) by cataloging how AI agents themselves act outside governance boundaries \u2014 not through compromise or malice, but through capability without constraint.Version 2.2 introduces 29 sub-techniques cataloging specific bypass methods observed during adversarial testing of the AEGIS Claude Code governance plugin and the aegis-core Python reference runtime. Sub-techniques use MITRE ATT&CK-style notation (T####.###) and inherit the parent technique's severity and mitigation framing while documenting the specific bypass method.Notable additions: T10002 (Persistence via auto-execution) gains 8 sub-techniques covering shell init files, git hooks, package manager scripts, IDE task definitions, Dockerfiles, git config aliases, .npmrc\/.pypirc, and Makefiles. T10004 (Parser divergence) gains 10 sub-techniques covering command chaining, newline\/CRLF injection, heredoc, null-byte path truncation, Unicode homoglyphs, subshells, alternate absolute paths, traversal, and output redirection. T9002 (Traceability obfuscation) adds base64-wrapped command execution and variable indirection.The dataset contains 10 tactics (TA001\u2013TA010), 29 techniques (T1001\u2013T10004), 29 sub-techniques, 29 mitigations, and 5 root causes. Empirically grounded in the Agents of Chaos study (Shapira et al., arXiv:2602.20021, 2026) and adversarial testing across 6 rounds (RFC-0006, 2026). All data is provided in STIX 2.1 format for compatibility with threat intelligence platforms, with additional structured JSON files for technique details, regulatory cross-references (NIST AI RMF, EU AI Act, OWASP LLM Top 10), ATT&CK Navigator layer, and a JSON Schema for validation.Previous versions: v1.0 (DOI: 10.21227\/f87b-1d57), v2.1 (DOI: 10.21227\/015v-9641). This version: v2.2."