Cloud Penetration Testing

[Skill Scanner] URL pointing to executable file detected All findings: [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] This skill is a detailed offensive cloud penetration testing guide. Its stated purpose (authorized pentesting) matches the capabilities, but many instructions explicitly enable credential harvesting, privilege escalation, and persistent backdoors (importing stolen tokens, creating Owner service principals, creating IAM access keys, metadata harvesting). The document is coherent for red-team use but presents high abuse potential and should only be used within strict legal and operational controls. Review (and audit) any referenced scripts/tools before executing. Treat it as SUSPICIOUS: legitimate for authorized testers but dangerous if misused. LLM verification: The skill is a high-risk, dual-use penetration-testing playbook. Its capabilities align with its stated purpose (offensive cloud testing) but include explicit, high-impact persistence and credential-harvesting recipes (importing stolen contexts, creating service principals and granting Global Admin/Owner, extracting Key Vault secrets, dumping user attributes that contain passwords). Distribution of this skill as-is is dangerous because it: (1) documents direct credential exfiltration and backdoo