exploiting-vulnerabilities-with-metasploit-framework

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). High-risk dual-use content: although framed for authorized vulnerability validation, the skill explicitly documents and automates remote code execution (Metasploit exploit modules, msfvenom reverse shells), post‑exploitation actions that capture credentials (hashdump, keyscan_start, credential collectors), and automation that can run checks/exploits via RPC or resource scripts — there are no hidden backdoors or covert exfiltration routines in the code, but the material clearly enables deliberate malicious activity if misused.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt explicitly instructs running sudo commands to start services and initialize the Metasploit DB and contains post‑exploitation actions (e.g., meterpreter commands) that encourage using elevated privileges and modifying the agent host's state.