copyfail-go-lpe

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). These links point to prebuilt local‑privilege‑escalation exploit binaries and associated small/unknown GitHub accounts/domains (copy.fail, ara.so) — direct-download executables for an LPE are a high‑risk malware/exploit distribution vector.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill is an explicit, ready-to-run local privilege-escalation exploit: it contains obfuscated embedded payloads, instructions to overwrite a setuid binary (/usr/bin/su) to spawn a root shell or run arbitrary code, guidance to download prebuilt binaries (supply-chain risk), and steps to hide/restore changes—behavior that is deliberate system compromise and clearly malicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Getting the Binary" section explicitly instructs downloading and executing prebuilt releases from a public GitHub URL (https://github.com/badsectorlabs/...), which is an open, untrusted third-party source whose content is fetched and executed as part of the required workflow and can directly change the agent's actions/outcomes.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs users at runtime to curl and run prebuilt binaries hosted on GitHub (e.g., https://github.com/badsectorlabs/copyfail-go/releases/latest/download/copyfail-go_linux_amd64), which directly delivers remote executable code the skill relies on and tells operators to execute.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly provides a local privilege-escalation exploit with step-by-step commands to patch /usr/bin/su, spawn a root shell, and modify system files—directly instructing actions that compromise the host system.