dump-collect
Warn
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PRIVILEGE_ESCALATION]: The skill provides instructions to modify system-level settings, including the Linux kernel's core_pattern via sudo tee. Evidence found in references/nativeaot-dumps.md.
- [PRIVILEGE_ESCALATION]: The skill recommends running Docker containers with the --privileged flag and the SYS_PTRACE capability to enable process attachment and kernel configuration. Evidence found in references/container-dumps.md.
- [PRIVILEGE_ESCALATION]: The skill gives instructions for modifying Windows Registry keys from an elevated PowerShell session to configure Windows Error Reporting. Evidence found in references/nativeaot-dumps.md.
- [EXTERNAL_DOWNLOADS]: The skill fetches diagnostic tools from official Microsoft and Dotnet sources, including Sysinternals and GitHub repositories. Evidence found in references/nativeaot-dumps.md and references/coreclr-dumps.md.
- [COMMAND_EXECUTION]: The skill makes extensive use of shell and PowerShell commands for binary inspection and process management, using tools like strings, nm, and dumpbin. Evidence found in SKILL.md.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external binaries in SKILL.md and process lists in references/container-dumps.md. It lacks explicit boundary markers or sanitization, and has access to sensitive capabilities like subprocess execution and registry modification.
Audit Metadata