offensive-cloud

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is explicit offensive guidance that details credential harvesting, privilege escalation, persistence/backdoor techniques, data exfiltration, and detection-evasion methods across AWS/Azure/GCP, and therefore represents high-risk malicious behavior.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs fetching and running public, user-generated tools (e.g., "git clone https://github.com/google/gcp_scanner" and use of Pacu/ROADtools/gcp_scanner) which pulls untrusted third-party content from GitHub and whose outputs are then read and used to guide enumeration and privilege‑escalation actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs runtime fetching and execution of remote code via "git clone https://github.com/google/gcp_scanner" followed by "python gcp_scanner.py", which downloads external code that would be executed and can therefore control runtime behavior.