executing-red-team-exercise
Audited by Socket on Apr 10, 2026
2 alerts found:
Anomaly / Security: This package is a dual-use red-team planning utility that downloads MITRE ATT&CK STIX data, maps techniques for an emulated actor, and generates operation plans. The code as described does not itself perform exploitation or exfiltration, nor does it exhibit obfuscation. Primary concerns are: (1) supply-chain risk from downloading live JSON without integrity checks, and (2) the potential for misuse because it produces detailed operational plans. Apply integrity verification, add usage controls/auditing, and treat generated outputs as sensitive.
SUSPICIOUS: the skill’s footprint is intentionally offensive and teaches an AI agent to conduct stealthy adversary operations, including credential theft, evasion, persistence, lateral movement, and exfiltration. The named tools are mostly legitimate red-team products, so this is not confirmed malware, but it is a high-risk offensive capability set that should not be enabled for general-purpose agents.