docker-escape

该技能的实际用途是让 AI 代理执行 Docker 容器逃逸、宿主机提权、持久化和凭证搜集，属于高风险攻击能力。其能力范围与普通 cloud/devops 技能明显不相称，且会读取敏感信息并通过 Docker 控制面、挂载和 cron 直接影响宿主机；应判定为高风险、可疑且不应赋予通用代理。

The provided content is a highly actionable container/Docker escape, privilege-escalation, persistence, and secret-exfiltration playbook. It contains explicit mechanisms to execute attacker code on the host (core_pattern pipe, cgroup release_agent, nsenter/chroot), manipulate Docker control interfaces to spawn privileged host-bound containers, and steal credentials (including build-context secret theft) with reverse-shell/C2-style exfiltration. This is not benign library code and should be treated as malicious material.