"ATX-1 v2.1: AEGIS Threat Matrix for Agentic AI Systems"

"ATX-1 (AEGIS Threat Matrix) v2.1 is a structured adversarial knowledge base for autonomous AI agent behavior. It fills the gap between MITRE ATT&CK (human adversaries attacking systems) and MITRE ATLAS (adversaries attacking AI) by cataloging how AI agents themselves act outside governance boundaries \u2014 not through compromise or malice, but through capability without constraint.Version 2.1 adds a novel tactic class \u2014 TA010 (Act Beyond Governance Interpretation) \u2014 and a fifth root cause (RC5: No Environment Model), discovered during adversarial testing of the AEGIS Claude Code governance plugin. TA010 models a failure dimension not captured in existing frameworks: governance systems that observe and permit an action but misinterpret its semantic effect.The dataset contains 10 tactics (TA001\u2013TA010), 29 techniques (T1001\u2013T10004), 29 mitigations, and 5 root causes. Empirically grounded in the Agents of Chaos study (Shapira et al., arXiv:2602.20021, 2026) and 5 rounds of white-box adversarial testing (RFC-0006, 2026). All data is provided in STIX 2.1 format for compatibility with threat intelligence platforms, with additional structured JSON files for technique details, regulatory cross-references (NIST AI RMF, EU AI Act, OWASP LLM Top 10), ATT&CK Navigator layer, and a JSON Schema for validation.Previous versions: v1.0 (DOI: 10.21227\/f87b-1d57), v2.0 (DOI: 10.5281\/zenodo.19238844). This version: v2.1 (Zenodo DOI: 10.5281\/zenodo.19251098). "