SSH Penetration Testing

Fail

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit instructions for establishing unauthorized persistence on a target system by appending a public key to the ~/.ssh/authorized_keys file.
  • [COMMAND_EXECUTION]: Provides detailed commands for automated SSH brute-forcing and password spraying using tools like Hydra, Medusa, and Ncrack.
  • [DATA_EXFILTRATION]: Includes instructions for locating and exfiltrating sensitive private SSH keys (id_rsa, id_dsa, etc.) from standard system and user directories.
  • [DATA_EXFILTRATION]: Describes methods to find and download potentially exposed private keys from remote web servers using curl and wget.
  • [CREDENTIALS_UNSAFE]: Directs users to search for plaintext credentials and sensitive historical commands within user shell history files such as .bash_history.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. Evidence chain: (1) Ingestion points: Untrusted target IP addresses and wordlist paths in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: Network access and command execution via paramiko.exec_command and external binaries. (4) Sanitization: Absent; input is interpolated directly into command strings.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 9, 2026, 11:33 PM