diff --git a/monkey/infection_monkey/exploit/i_agent_otp_provider.py b/monkey/infection_monkey/exploit/i_agent_otp_provider.py
new file mode 100644
index 00000000000..1a3a45f4075
--- /dev/null
+++ b/monkey/infection_monkey/exploit/i_agent_otp_provider.py
@@ -0,0 +1,18 @@
+import abc
+
+
+class IAgentOTPProvider(metaclass=abc.ABCMeta):
+    """
+    IAgentOTPProvider provides an interface for other components to get one-time passwords (OTPs).
+    Notably, this is used by exploiters during propagation to get OTPs for running new
+    Agents on exploited machines, so that they can authenticate with the Island.
+    """
+
+    @abc.abstractmethod
+    def get_otp(self) -> str:
+        """
+        Get a one-time password (OTP)
+
+        :return: An OTP
+        """
+        pass
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
index a42275d9a23..f89cd9fa7f1 100644
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
@@ -8,6 +8,7 @@
 from common.base_models import InfectionMonkeyModelConfig, MutableInfectionMonkeyModelConfig
 from common.credentials import LMHash, NTHash, SecretEncodingConfig
 from common.types import Lock, NetworkPort, PluginName
+from infection_monkey.exploit.i_otp_provider import IAgentOTPProvider
 from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory
 from infection_monkey.exploit.tools import generate_brute_force_credentials, secret_type_filter
 from infection_monkey.exploit.zerologon import NetrServerPasswordSet, NetrServerPasswordSetResponse
@@ -143,3 +144,4 @@
 
 # Remove after #3077
 http_island_api_client.get_otp
+IAgentOTPProvider