performing-privilege-escalation-assessment

Warn

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: MEDIUM
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script uses subprocess.run with shell=True to perform system enumeration tasks. This pattern allows execution of arbitrary shell commands and can be manipulated if the system output being processed (such as filenames or script paths listed in cron jobs) contains malicious shell metacharacters.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions and references for downloading and running external scripts and binaries from third-party GitHub repositories (e.g., linPEAS, winPEAS, PrintSpoofer), which are executed to automate the discovery of escalation paths.
  • [DATA_EXFILTRATION]: The assessment workflow includes instructions for the agent to access and extract highly sensitive system data, including password hashes from /etc/shadow, credentials from .env files, and cloud instance metadata containing IAM roles from the link-local address 169.254.169.254.
  • [REMOTE_CODE_EXECUTION]: The documentation provides detailed steps for generating malicious MSI packages via msfvenom and executing them on target systems to achieve reverse shells and SYSTEM-level privileges.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 20, 2026, 12:01 PM