d3fend-evict
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides procedures for executing powerful system commands to facilitate containment, including process termination (
taskkill /F,SIGKILL), system shutdown/reboot (shutdown /s /t 0), and purging authentication caches (klist purge). - [COMMAND_EXECUTION]: Instructions include destructive file system and storage operations such as file eviction, disk formatting (NIST 800-88), and secure erasure (DoD 5220.22-M).
- [COMMAND_EXECUTION]: The skill guides the removal of persistence mechanisms by deleting registry keys in sensitive locations like
HKLM\Software\Microsoft\Windows\CurrentVersion\Runand modifying system services. - [COMMAND_EXECUTION]: The documentation covers high-privilege identity management tasks, such as locking accounts in Active Directory or Identity Providers and revoking API keys or certificates.
Audit Metadata