ioc-analysis

Fail

Audited by Snyk on Apr 22, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This document is explicitly a red-team manual for building and operating covert C2/backdoor infrastructure and evasion techniques — it provides step‑by‑step instructions for remote command & control, data exfiltration, phishing/payload delivery, credential/OPSEC avoidance (domain fronting, JA3/JARM/UA manipulation, redirectors, proxying, log destruction, crypto payments), and therefore clearly enables malicious backdoor behavior and attribution evasion.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). SKILL.md and references/c2-infra-opsec.md explicitly instruct runtime fetching and parsing of public, untrusted sources (e.g., curl calls to VirusTotal, crt.sh, PassiveTotal/Shodan APIs and a git clone from GitHub) and use those results in automated checks/alerts and infrastructure decisions, so third‑party content can materially influence agent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill provides actionable, operational instructions for building, configuring and rotating C2 infrastructure (setting up redirectors like Apache/Nginx, managing VPS, recompiling payloads, self-destructing payloads and destroying instances) which can lead an agent to modify system state or manage privileged services even though it does not explicitly instruct obtaining sudo or creating local user accounts.

Issues (3)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 22, 2026, 10:09 AM
Issues: 3