windows-kernel-security
Fail
Audited by Snyk on Apr 28, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This content provides explicit, actionable techniques for kernel-level exploitation and protection bypass (vulnerable-driver exploitation, DSE/PatchGuard/HVCI bypasses, physical memory access, hypervisor/EPT manipulation, driver loading utilities and memory hiding) which are highly dual‑use but can directly enable privilege escalation, remote code execution, persistence and anti-detection, so it poses a high malicious risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Data Source section explicitly instructs the agent to construct and fetch raw files from public GitHub URLs (e.g., https://raw.githubusercontent.com/... and archive/description URL patterns) and to read those repository README/archive/description contents to answer user queries, which are untrusted, user-generated third‑party pages that can influence the agent's actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent at runtime to fetch and inject external content (e.g. https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md and related archive/description raw.githubusercontent.com URLs) into its responses, so remote files can directly control prompts and provide code/content the agent relies on.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs on loading drivers, disabling Driver Signature Enforcement, bypassing PatchGuard, exploiting vulnerable drivers, and performing kernel memory/physical access—actions that require and encourage privileged modifications to the host OS and thus compromise machine state.
Issues (4)
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
- W013 (MEDIUM): Attempt to modify system services in skill instructions.
Audit Metadata