windows-kernel-security

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content explicitly describes techniques to bypass kernel protections (PatchGuard, DSE, HVCI), load/abuse vulnerable signed drivers, achieve arbitrary kernel code execution, and perform memory hiding/anti‑cheat evasion — capabilities clearly usable for privilege escalation, persistence, and stealthy system compromise.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Data Source section in SKILL.md explicitly instructs the agent to fetch and reference content from the public GitHub raw URL (https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md), which is untrusted, user-generated third-party content that the agent must read and use to drive recommendations and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and reference runtime content from https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md, which would be injected into the agent's context and directly control prompts/responses.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs on kernel exploitation and bypassing protections (disabling DSE, loading drivers, achieving kernel read/write, modifying SSDT/physical memory), which require elevated privileges and directly modify the machine's state.