cicd-pipeline-attack

Fail

Audited by Socket on May 4, 2026

2 alerts found:

Security, Malware

Security: MEDIUM
SKILL.md

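This skill is not an ordinary CI/CD operations or defensive reference but a systematic attack manual that explicitly teaches AI agents to identify, exploit, and extend CI/CD intrusion paths, including secrets theft, exfiltration, cloud environment traversal, and supply-chain poisoning. Although it contains no malicious installer or concealed code, its capabilities align closely with high-risk offensive use, so it should be judged a high-risk suspicious skill rather than confirmed malware.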

Confidence: 93%
Severity: 92%

Malware: HIGH
references/platform-specific.md

This fragment is a multi-platform offensive playbook for CI/CD/IaC compromise. It explicitly describes RCE execution mechanisms (Jenkins Groovy/pipeline, Terraform external/local-exec, Atlantis workflows) and concrete credential/secret theft plus exfiltration via attacker-controlled HTTP(S) endpoints. While it is presented as instructional content rather than verified executable dependency code, its inclusion in a supply-chain artifact would be a severe red flag and should be treated as malicious until proven otherwise by confirming whether any parts are executed.

Confidence: 78%
Severity: 95%

Audit Metadata
Analyzed At: May 4, 2026, 08:19 AM
Package URL: pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fcicd-pipeline-attack%2F@87859cf6759b00617c5f2d861fb44f2167af0834