threat-hunting-evasion

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is a clear offensive red‑team/attacker playbook providing explicit, practical techniques and code for detection-rule bypass, stealthy payload delivery and in‑memory execution, credential theft (LSASS dumps, DCSync), persistence/backdoors (services, scheduled tasks, registry, DLL sideloading), EDR/AMSI/ETW tampering, and C2/exfiltration—i.e., deliberate malicious enablement.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly instructs fetching and analyzing public, community-sourced detection rules (e.g., "git clone https://github.com/SigmaHQ/sigma.git" and the grep/sigmac/yara commands in references/detection-rules-bypass.md and SKILL.md) so the agent would ingest untrusted third-party content (GitHub repos, YARA/Sigma rules, external URLs) that can directly influence tool use and evasion decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs red-team evasion techniques (YARA/Sigma/EDR bypass, LSASS dumping, using LOLBins/COM/WMI, modifying PE headers, encrypted payloads, C2 evasion) that enable active compromise and persistence on a host and bypass security controls, so it promotes compromising the machine state.