tencent-pentesting
Audited by Socket on May 4, 2026
3 alerts found:
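Security x2, Malware
This is a Tencent Cloud attack skill that is consistent with its stated purpose, but that purpose is itself to give AI agents penetration, privilege-escalation, credential-acquisition and resource-takeover capabilities. The installation sources are largely official, and there is no obvious disguise or forwarding of credentials to unusual third parties; the main risk comes from its high-risk offensive-security capabilities and its direct control over real cloud resources.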
This fragment is an explicit, multi-service offensive playbook for exploiting Tencent Cloud permissions to enumerate resources, obtain Kubernetes credentials (kubeconfig), extract Kubernetes/SCF/CLS/SSM secrets, decrypt data using KMS, harvest metadata-based cloud credentials from within a pod, and optionally achieve privilege escalation and persistence. Although it is not executable malware code, its content is directly actionable for credential theft and compromise, creating a high security/misuse risk if present in a software package dependency.
This fragment is highly suspicious and effectively a cloud-attack playbook covering credential theft from instance metadata, arbitrary command execution via a cloud agent, COS public exposure/data exfiltration, TencentDB account provisioning, and CLB traffic hijacking. While it contains no library implementation code in this excerpt, its operational content is directly usable for compromise and post-exploitation. Treat the package/repository as high security-risk and investigate for additional malicious code elsewhere (outside this snippet).