competition-malware-config

Warn

Audited by Socket on Mar 31, 2026

2 alerts found:

Anomaly (Security, severity LOW)
agents/openai.yaml

This fragment is not executable malware; it is a prompt/policy configuration that instructs an external orchestrator to recover hidden, staged, malware-like configuration elements (including bot IDs and beacon/C2 parameters) from a sample after another component is active. The wording is highly malware-adjacent, making it suspicious in context, but direct malicious behavior (networking, credential theft, payload execution) is not present in the provided code fragment. Security review should focus on the referenced orchestrator/tool implementation and where any recovered data is stored or transmitted.

Confidence: 72%. Severity: 50%.

Security (severity MEDIUM)
SKILL.md

This skill is broadly consistent with its declared purpose; there is no obvious credential theft, external data exfiltration, or suspicious installation chain. However, its core use is to have an AI agent perform malware configuration recovery and C2/beacon parameter extraction, which is a high-risk security/reverse-engineering capability. Overall it should be classified as SUSPICIOUS: not a confirmed malicious skill, but it grants the agent disproportionate offensive and defensive analysis capability and forms an additional trust chain through upstream skills.

Confidence: 86%. Severity: 78%.
Audit Metadata
Analyzed At
Mar 31, 2026, 12:16 PM
Package URL
pkg:socket/skills-sh/GALIAIS%2FCTF-Sandbox-Orchestrator%2Fcompetition-malware-config%2F@a473cf8313b866d2a16b7925ead1d9069829e028