SSH Penetration Testing

Fail

Audited by Snyk on Jun 26, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). Yes — these links expose SSH private keys and an archived key backup over plain HTTP (plus a localhost web endpoint), which is highly suspicious because they leak sensitive credentials/artifacts that can be used to gain unauthorized SSH access and deploy malware or persistence.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content contains explicit, actionable instructions for credential theft (brute‑force, password spraying, username enumeration, retrieving exposed private keys), creation of persistent backdoors (appending SSH keys to authorized_keys), remote code execution and covert access (Paramiko scripts, Metasploit modules, SSH remote port forwarding/reverse shell callbacks and SOCKS proxies for pivoting), plus evasion techniques to avoid detection — all of which enable clear malicious abuse if used without proper authorization.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly covers vulnerability exploitation, post-exploitation, brute-force and evasion techniques for SSH, which strongly implies instructions to obtain elevated privileges, modify system state (accounts, configs, services) and otherwise compromise machines, so it should be flagged as high risk.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 26, 2026, 06:47 PM
Issues
3
Security Audit — snyk — SSH Penetration Testing