ctf-pwn

Fail

Audited by Socket on Apr 5, 2026

2 alerts found:

Security, Malware

Security: MEDIUM
SKILL.md

The skill is internally consistent with its stated purpose, and its installs appear to use legitimate ecosystem sources rather than deceptive third-party endpoints. However, the stated purpose itself is offensive: it equips an AI agent with exploitation, privilege-escalation, and sandbox-escape techniques plus the tools to act on them. This is not confirmed malware or credential theft, but it is a high-risk offensive-security skill and should be classified as suspicious/high risk rather than benign.

Confidence: 92%, Severity: 86%

Malware: HIGH
kernel-bypass.md

This fragment is explicit, weaponized Linux kernel exploit guidance and example code: it leaks kernel pointers, defeats KASLR/KPTI/SMEP/SMAP (as described), constructs a kernel ROP chain to run `prepare_kernel_cred/commit_creds`, returns safely to userland, and spawns a root shell via `system("/bin/sh")`. It is high-risk for any non-lab context; covert malware (exfiltration/persistence) is not evidenced in the shown content, but the offensive capability itself makes it dangerous.

Confidence: 84%, Severity: 98%

Audit Metadata

Analyzed At: Apr 5, 2026, 02:09 PM
Package URL: pkg:socket/skills-sh/chi111i%2Fctf-skills%2Fctf-pwn%2F@e65f99401bb9a426a9be64fca2bf1eb759a08584