SKILL: Sandbox Escape — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert sandbox escape techniques across Python, Lua, seccomp, chroot, Docker/container, and browser sandbox contexts. Covers CTF pyjail patterns, seccomp architecture confusion, chroot fd leaks, namespace escape, and Mojo IPC abuse. Distilled from ctf-wiki sandbox sections and real-world container escapes. Base models often miss the distinction between sandbox types and apply wrong escape techniques.

0. RELATED ROUTING

• browser-exploitation-v8 — V8 exploitation for renderer RCE before browser sandbox escape
• container-escape-techniques — Docker/container specific escape techniques
• kernel-exploitation — kernel exploit for container/namespace escape
• linux-privilege-escalation — post-escape privilege escalation

Advanced References

• PYTHON_SANDBOX_ESCAPE.md — Full pyjail methodology: __builtins__ recovery, keyword bypass, AST bypass, pickle escape
• SECCOMP_BYPASS.md — Architecture confusion, io_uring bypass, ptrace bypass, allowed syscall chaining

1. SANDBOX TYPE IDENTIFICATION