binary-exploitation-methodology

Fail

Audited by Snyk on May 9, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). High-risk: the content is an explicit, step‑by‑step offensive exploitation manual (RCE techniques like ret2libc/ROP/shellcode, persistence via GOT/.fini_array hooks, tcache/heap exploits, seccomp bypasses and one_gadget usage) that directly enables system compromise, remote code execution and creation of backdoors/persistent access.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's references (references/libc-identification.md) explicitly direct the agent to use public third-party resources (e.g., the online service libc.blukat.me and the public libc-database GitHub) to identify libc versions and offsets, which the agent would read and use to compute exploit payloads—allowing untrusted web content to materially influence subsequent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). Flagged because the skill explicitly instructs modifying system security settings (e.g., "echo 0 > /proc/sys/kernel/randomize_va_space" to disable ASLR) and describes techniques to bypass or change protection mechanisms, which compromise the host's state and may require elevated privileges.

Issues (3)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level: CRITICAL
Analyzed: May 9, 2026, 08:28 AM
Issues: 3