persist-maintain

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). 该内容明确为恶意指导：提供逐步命令与隐蔽手法用于部署和维持持久后门（PHP webshell、SSH 公钥植入、cron/systemd 反连 shell、SUID 后门、Windows 计划任务/注册表/服务/WMI 订阅、Sticky Keys 等），并包含多种混淆与逃避检测技术（eval/assert/变量函数、Base64 编码载荷、执行策略绕过、字符串拼接免杀等），明显用于未授权长期远程访问和隐蔽化。

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs creating persistent backdoors (webshells, SSH keys, cron jobs, systemd services, registry/WMIs, SUIDs) and modifying system-level files/configuration, which directly compromises and alters the machine's state.