post-exploit-windows
Fail
Audited by Snyk on Apr 22, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This content is an explicit post‑exploitation playbook: it instructs on privilege escalation (Potato/PrintSpoofer/juicypotato, service binary replacement, AlwaysInstallElevated, UAC bypass), credential theft (SAM/LSASS/browser dumps, Mimikatz/comsvcs.dll, secretsdump), creating persistent backdoors (adding admin users, modifying services/AutoRun/MSI), and other offensive actions — clearly intended for malicious compromise and abuse.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs privilege escalation (Potato, UAC bypass), modifying services/binaries, and dumping/stealing credentials (LSASS/SAM), all actions that directly modify or compromise the host system and require elevated privileges.
Issues (2)
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
- W013 (MEDIUM): Attempt to modify system services in skill instructions.