reverse-shell

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). High risk: the content contains explicit reverse-shell commands that initiate outbound TCP connections to attacker-controlled hostnames (evil.com, attacker.host), enabling remote code execution/backdoor access and potential data exfiltration.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The SKILL.md includes explicit reverse-shell commands that connect to external hosts (e.g., evil.com and attacker.host) which, if run at runtime, would create remote shells and allow those hosts to execute/control code on the agent, so these URLs are runtime dependencies enabling remote code execution.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This prompt gives explicit reverse-shell commands that instruct the agent to open an interactive remote shell to an attacker host, which directly enables remote takeover and compromises the machine.