Windows Privilege Escalation

Fail

Audited by Socket on Feb 19, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Instruction to copy/paste content into terminal detected

All findings:
[CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4]

This skill contains explicit, actionable offensive techniques for privilege escalation on Windows: credential harvesting, modifying services to execute attacker payloads, kernel exploit discovery, token impersonation (Potato attacks), and deploying reverse shells. While the stated purpose is penetration testing, the content is directly usable for unauthorized attacks and facilitates credential theft and remote code execution. There are no technical restrictions to prevent misuse beyond a textual reminder to have authorization. Overall this artifact is high-risk and should be treated as malicious-capability guidance in contexts where execution or automation is possible; publish/use only under strict access control and with human-in-the-loop safeguards.

LLM verification: This skill is offensive by design: it provides explicit, actionable steps and commands to perform Windows privilege escalation (credential dumping, service hijacking, reverse shells, etc.). The capabilities match the stated purpose, so it is internally consistent, but the content is high-risk and easily abused. For supply-chain assessment: the document itself is not obfuscated and does not contain embedded malware binaries, but it prescribes using powerful dual-use tools and network exfiltration

Confidence: 95%
Severity: 95%

Audit Metadata
Analyzed At: Feb 19, 2026, 06:43 PM
Package URL: pkg:socket/skills-sh/jpropato%2Fsiba%2Fwindows-privilege-escalation%2F@902ebcf862fbd467242505c31f7b8310bc58e9cc