lockpick
Fail
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides an extensive library of commands to exploit system misconfigurations, including sudo abuse (GTFOBins), SUID/SGID binary exploitation, Linux capabilities, and cron job hijacking.
- [DATA_EXFILTRATION]: It contains explicit instructions to locate and harvest sensitive data, including SSH private keys, AWS/cloud credentials, database passwords, and Terraform state files containing plaintext secrets.
- [REMOTE_CODE_EXECUTION]: Provides multiple reverse shell one-liners in various languages (Bash, Python, Perl, PHP, Ruby, Node.js) and instructions for establishing persistent backdoors via cron jobs and modified system files.
- [EXTERNAL_DOWNLOADS]: Fetches several external security and enumeration tools from GitHub repositories, including LinPEAS, pspy, Linux Exploit Suggester, and deepce.
- [COMMAND_EXECUTION]: Includes techniques for container breakout and Kubernetes cluster-admin escalation through ServiceAccount token abuse and RBAC misconfigurations.
- [REMOTE_CODE_EXECUTION]: Instructs on the compilation and execution of kernel exploits and shared libraries for privilege escalation (e.g., LD_PRELOAD exploitation).
Recommendations
- AI detected serious security threats
Audit Metadata