ics-traffic

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content is a high-risk offensive toolkit: it explicitly documents and provides scripts for ARP spoofing/MITM, packet sniffing, injection, and replay against ICS/SCADA protocols, enabling interception and manipulation of control traffic, and potentially theft of credentials or disruption of critical systems.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the user to run privileged commands (e.g., sudo sysctl -w net.ipv4.ip_forward=1, sudo ettercap/etterfilter, sudo arp -d) and to perform ARP spoofing and packet injection (MITM), which modify system/network state and require elevated privileges, so it pushes toward compromise of the host.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 01:15 AM