Maybe you could do the exfiltration (of very little data) on other things by guessing that the Agent's results will be viewed in a browser and, as internal tool, might have lower security and not escape HTML, given you the option to make it append a tag of your choice, e.g. an image with a URL that sends you some data?