red-team-tactics

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content contains explicit, actionable guidance for credential theft (Kerberoasting, DCSync, Golden Ticket), persistence and privilege escalation (cron jobs, SUID, service path abuse), defense evasion (timestomping, log clearing, obfuscation), C2/remote access and exfiltration techniques, and supply‑chain vectors—patterns that directly enable deliberate malicious compromise and backdoor behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly describes and encourages techniques that alter system state—privilege escalation, modifying services/cron, timestomping and log clearing, and persistence—which can be used to obtain sudo, modify protected files, or otherwise compromise the host.