ctf-malware

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains multiple explicit, actionable malicious patterns—C2 protocols (RC4/WebSocket, DNS tunneling), data exfiltration (Telegram bot token retrieval), remote code execution and injection techniques (CreateRemoteThread, process hollowing, shellcode staging), credential/token extraction, sandbox/VM evasion, and supply‑chain/postinst abuse—so it can be directly abused to perform or implement backdoors and exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's references/c2-and-protocols.md explicitly instruct using the Telegram Bot API (requests to api.telegram.org/getUpdates and file downloads) to fetch user-generated, third-party content (bot messages/files) that the agent would read and act on to recover exfiltrated data, creating a clear vector for indirect prompt injection.