performing-threat-emulation-with-atomic-red-team

The code demonstrates threat-emulation tooling that can perform remote code execution and access credential-related utilities. While intended for controlled testing, these capabilities introduce significant risk if misused or exposed publicly. Strict controls, environment isolation, input whitelisting, signed atomics, and explicit user consent are essential to mitigate potential abuse and supply-chain risks.

SUSPICIOUS/HIGH-RISK skill: its functionality is internally coherent for purple-team threat emulation, and the install sources are broadly legitimate, but it gives an AI agent explicit offensive security execution capability on the host. This is not confirmed malware, yet it is a high-risk security skill because it can run adversary simulations with real endpoint effects and only minimal safety scoping.