ctf-pwn

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). High-risk dual-use content: this skill contains detailed, actionable exploitation techniques (buffer overflows, format strings, heap exploits, ROP, ret2libc, spawning shells and leaking memory) that enable remote code execution and information disclosure (data exfiltration), so it can be readily abused for system compromise even though it does not explicitly describe credential theft, supply-chain attacks, or obfuscation payload delivery.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly guides the agent to discover and craft exploits (e.g., inject shellcode, call system("/bin/sh"), ret2libc, test exploits locally) which push the agent toward executing arbitrary code and obtaining shells on the host—actions that can compromise machine state—even though it doesn't explicitly ask for sudo or account/config changes.