privesc-check

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content provides explicit, actionable privilege-escalation methods (sudo/SUID/capabilities, writable cron or /etc/passwd, Docker host access, service binary replacement, SeImpersonate→Potato, etc.) that enable unauthorized system compromise, persistence, and remote code execution and is therefore high-risk and easily abused for malicious activity.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs checks and exploitation steps that modify system state—e.g., altering root cron scripts, adding entries to /etc/passwd, replacing service binaries, and using sudo/privilege-escalation exploits—so it directs the agent to bypass security and change the machine.