ctf-misc
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous snippets for executing arbitrary shell and Python commands, including specific instructions for privilege escalation using SUID binaries and mounting the host root filesystem via the Docker group.
- [REMOTE_CODE_EXECUTION]: It documents various methods for achieving code execution, such as exploiting environment variables like PYTHONWARNINGS and BROWSER, and bypassing Python sandbox restrictions through object hierarchy traversal.
- [DATA_EXFILTRATION]: Techniques for exfiltrating data via DNS tunneling, including the use of TXT records and subdomain queries, are explicitly detailed.
- [PROMPT_INJECTION]: The skill documents the ingestion of untrusted external data (PCAP, CSV, images) and provides scripts to process them without sanitization, creating an indirect prompt injection surface.