competition-lsass-ticket-material

Fail

Audited by Snyk on Mar 31, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). Insecure: the skill explicitly requires recording and linking "extracted secret" material (TGTs, service tickets, DPAPI secrets, plaintexts/hashes) and producing a minimal host-artifact→extracted-material→replay chain, which forces the LLM to handle and potentially output secret values verbatim, creating exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

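  • Malicious code pattern detected (high risk: 1.00). This skill explicitly instructs extracting and replaying credentials from LSASS, Kerberos tickets, DPAPI and SSPs to achieve unauthorized access, lateral movement and privilege escalation, which is high-risk malicious abuse amounting to credential theft and system compromise.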

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level: CRITICAL
Analyzed: Mar 31, 2026, 12:16 PM
Issues: 2