evasion-technique-integrate

Fail

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The agent is instructed to use the bash tool to perform cross-compilation of source code that has been integrated with malicious evasion and injection logic.
  • [REMOTE_CODE_EXECUTION]: The references/evasion-techniques-db.json file contains hundreds of templates for code execution and process injection, including techniques like Process Hollowing (T111), Thread Hijacking (T022), and Reflective PE Loading (T171).
  • [EXTERNAL_DOWNLOADS]: The skill references a vast array of untrusted external GitHub repositories and exploit databases (e.g., loldrivers.io, github.com/icyguider/Shhhloader) that host malware payloads and evasion tools.
  • [PRIVILEGE_ESCALATION]: Extensive templates (T129-T134) are provided for 'Bring Your Own Vulnerable Driver' (BYOVD) attacks, which are used to disable kernel-level security features like Driver Signature Enforcement (DSE) and gain system privileges.
  • [PROMPT_INJECTION]: The methodology involves ingesting and processing untrusted external source code without specifying sanitization or boundary markers, creating a vulnerability to indirect prompt injection through malicious code comments or strings.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 22, 2026, 10:08 AM