operating-sliver-c2
Fail
Audited by Snyk on Jun 25, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These are official Sliver C2 project pages and GitHub release binaries (sliver-server/client) from BishopFox and related docs—legitimate sources but they host direct downloadable executables for a command-and-control framework that is dual‑use and commonly abused by attackers, so obtaining/running them without explicit authorization is high risk.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This content explicitly documents and automates a command-and-control framework (Sliver) — including implant generation/stagers, beaconing, remote command execution/shells, privilege escalation and credential dumping, in-memory payload execution, pivoting/SOCKS proxies, and listener/stager configuration — all clear backdoor/C2 capabilities that enable unauthorized remote control and data exfiltration.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). The required runtime workflow uses the Sliver operator automation to ingest outsider-authored free text from implant callbacks (e.g., stdout/stderr returned by
interact.execute(...)inscripts/agent.py), which is attacker-controlled content originating from outside the operating user’s chosen inputs.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill includes an explicit install command that fetches and executes remote code (curl https://sliver.sh/install | sudo bash) and also directs downloading executable releases from https://github.com/BishopFox/sliver/releases/latest/download/... which are required installation-time fetches that execute remote code for operation.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running privileged install/run commands (e.g., curl ... | sudo bash, sudo ./sliver-server), binding privileged ports, installing daemons/armory and generating/hosting C2 implants and pivots — all actions that modify system state and require elevated privileges, so it is flagged.
Issues (5)
E005
CRITICALSuspicious download URL detected in skill instructions.
E006
CRITICALMalicious code pattern detected in skill scripts.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata