performing-privilege-escalation-on-linux

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is explicitly offensive in intent: it provides step-by-step enumeration and exploitation techniques (sudo/vim/find abuses, LD_PRELOAD, pkexec/PwnKit, Dirty Pipe, SUID creation, cron/PATH hijacking, docker escapes), including commands to spawn root shells, create SUID backdoors, and fetch payloads from attacker-controlled URLs — all of which directly enable unauthorized privilege escalation and persistence.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflows (references/workflows.md and SKILL.md) explicitly instruct downloading and running tools from public sites (e.g., curl/wget to GitHub for linpeas.sh and links to https://gtfobins.github.io/), meaning the agent is expected to fetch and act on untrusted, user-supplied web content that can materially change actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs enumeration and exploitation techniques (commands, kernel exploits, SUID/sudo abuse, writable service files and tools) with the goal of obtaining root access and documenting evidence, which directly pushes the agent to compromise the host system.