disk-forensics-evasion
Audited by Socket on Apr 22, 2026
2 alerts found:
Security x2
SUSPICIOUS/HIGH-RISK skill. Its stated purpose openly includes anti-forensics, and the actual content is consistent with that offensive goal: it teaches an AI agent how to destroy recoverable evidence, alter timestamps, clear journals/logs, and minimize disk artifacts. There is little sign of credential theft or covert exfiltration, so this is not confirmed malware, but it is a high-risk security/exploit skill whose capabilities are fundamentally dangerous for an autonomous agent.
The provided “source” is not software dependency code; it is an operational red-team/anti-forensics instruction guide for ext4 artifacts and evidence evasion. It includes actionable steps to tamper with forensic artifacts (inode timestamps via debugfs, ext4 journal manipulation/overwriting, log rotation controls, and shell history suppression/clearing) and provides remote-to-execution examples (download payload → dynamic execution via shell/python/perl). This indicates very high potential for misuse in malicious intrusions, even though the fragment itself does not contain embedded malware or obfuscation.