vuln-research

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The content is high-risk dual-use material: it contains detailed, actionable orchestration and exploit-development guidance (Agent Sweep / vuln-swarm automation, file-iteration discovery, PoC/playbook templates, Docker lab + callback setups, reverse-shell/SSRF→metadata recipes, deserialization/phar/iconv exploit details, telemetry/collector exfiltration patterns, and supply‑chain/auto-update weaponization patterns) that can be directly repurposed to automate large-scale unauthorized scanning, exploit chaining, secret exfiltration, backdoor deployment, and supply‑chain compromise.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly encourages exploit development, sandbox escapes, privilege-escalation and chaining into kernel/hypervisor/container defenses (e.g., "sandbox escape", "container context", "chain across boundaries"), which strongly pushes an agent toward actions that would compromise or modify the host machine's state.