SSH Penetration Testing
Fail
Audited by Snyk on Jun 26, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). Yes — these links expose SSH private keys and an archived key backup over plain HTTP (plus a localhost web endpoint), which is highly suspicious because they leak sensitive credentials/artifacts that can be used to gain unauthorized SSH access and deploy malware or persistence.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This content contains explicit, actionable instructions for credential theft (brute‑force, password spraying, username enumeration, retrieving exposed private keys), creation of persistent backdoors (appending SSH keys to authorized_keys), remote code execution and covert access (Paramiko scripts, Metasploit modules, SSH remote port forwarding/reverse shell callbacks and SOCKS proxies for pivoting), plus evasion techniques to avoid detection — all of which enable clear malicious abuse if used without proper authorization.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly covers vulnerability exploitation, post-exploitation, brute-force and evasion techniques for SSH, which strongly implies instructions to obtain elevated privileges, modify system state (accounts, configs, services) and otherwise compromise machines, so it should be flagged as high risk.
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
E006
CRITICALMalicious code pattern detected in skill scripts.
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata