apt-emulation

Fail

Audited by Snyk on May 9, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content is a high-risk, dual-use red team playbook that explicitly instructs on building C2 infrastructure, deploying remote agents, credential theft (LSASS dumps, mimikatz), persistence (registry, scheduled tasks), process injection/hollowing, lateral movement (Pass-the-Hash, WinRM), and exfiltration over C2—features that constitute deliberate malicious behavior and backdoor capabilities usable for unauthorized compromise and data theft.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs fetching and using public threat-intel and code from external sites (e.g., "访问 attack-evals.mitre-engenuity.org" and Atomic Red Team GitHub/raw URLs shown in references/emulation-frameworks.md) which the agent would read and use to choose TTPs and execution steps, exposing it to untrusted third‑party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill contains runtime commands that fetch and execute remote code—e.g., "git clone https://github.com/mitre/caldera.git --recursive" (followed by pip3 install -r requirements.txt and python3 server.py) and "git clone https://github.com/redcanaryco/atomic-red-team.git"—so these external repos are pulled at runtime and result in executing remote code required for the described operations.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs offensive actions that change system state—persistence (registry Run keys, scheduled tasks), privilege escalation/UAC bypass, LSASS dumping, process hollowing and C2/tool setup—i.e. techniques that would compromise or modify the host and require elevated privileges.

Issues (4)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level: CRITICAL
Analyzed: May 9, 2026, 08:27 AM
Issues: 4