dma-attack-techniques
Fail
Audited by Snyk on Feb 25, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The content explicitly describes and provides actionable techniques for unauthorized DMA-based memory access (read/write), remote/wireless memory access, and multiple anti-detection/evasion methods (device/vendor spoofing, SMM, VMD hiding), which are deliberate behaviors for data exfiltration, remote compromise, and stealthy persistence—i.e., clearly malicious.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and use content from a public GitHub raw URL (https://raw.githubusercontent.com/gmh5225/awesome-game-security/.../README.md), which is untrusted, user-curated third-party content that the agent is expected to read and act on to produce responses.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the agent at runtime to fetch and use content from https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md to retrieve and reference tools and implementations, so the externally fetched file would directly control the agent's responses.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill contains explicit, actionable instructions (pcileech commands, DMA read/write code, FPGA firmware and device-emulation/anti-detection techniques) that enable direct physical memory reads/writes and bypass OS protections, which can compromise the host machine's state.