shellcode-loader-generate
Audited by Socket on Apr 22, 2026
5 alerts found (category: Malware, x5):
This JSON fragment is a high-risk, malware-enabling blueprint that instructs generation of Windows shellcode loaders (C and Rust) using executable memory allocation (RWX), payload copying, and execution via CreateThread or Fiber/ConvertThreadToFiber, with additional evasion-oriented guidance (syscall/hook bypass concepts). While no runtime exploit code is executed in the snippet itself, the specified behavior is directly aligned with malicious payload delivery, making it unsafe for use without strong containment and review.
This JSON manifest documents multiple in-memory loader variants and explicit evasion techniques (shellcode storage, decryption keys, VirtualAlloc/memcpy allocation+write, and many execution primitives), along with anti-analysis mechanisms (anti-debug, ETW bypass, API hashing/PEB walking). It is highly indicative of malicious loader/malware tooling and should be treated as malicious configuration/intelligence. Do not include it in trusted builds or publish it as part of production dependencies.
This JSON is a clear, purpose-built catalog of techniques to load, hide, and execute shellcode on Windows, listing actionable APIs, code templates and references to offensive tooling repositories. While the file itself is not executable, it documents and facilitates malicious behavior (in-memory code injection, process injection, evasion techniques, and remote payload retrieval). Treat this artifact as malicious/weaponization guidance and high risk in a software supply chain context; inclusion in a package is a serious red flag and should be removed or audited thoroughly for intent before use.
High-risk malicious-capability scaffold. The fragment demonstrates a complete in-memory execution pattern (RWX memory allocation, copying provided bytes into that memory, then executing the memory as code) and is framed as part of a loader/evasion generation workflow. Treat this as dangerous and unsuitable for benign dependencies; if present in a dependency chain, review for provenance, intended use, and whether any generated/packaged executables include real payload delivery/execution beyond templates.
MALICIOUS: the skill’s stated purpose is to generate evasive shellcode loaders for Windows, including injection-style executors and compilation into runnable binaries. Its capabilities are fundamentally incompatible with benign assistant use and directly enable malware development.