ctf-pwn

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is high-risk: it contains explicit step-by-step exploit techniques including backdoor device examples, arbitrary chmod and /etc/passwd modification for privilege escalation, reverse-shell/file-descriptor redirection, kernel and heap exploit recipes and remote code execution patterns that enable system compromise and unauthorized access.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill includes exploit templates that connect to arbitrary remote services (e.g., "nc host port", pwntools remote('host', port')) and parse their outputs (io.recvline(), arb_read, format-string leaks) and also directs use of public lookup sites like libc.blukat.me and libc.rip, so it clearly ingests and interprets untrusted third-party content.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs modifying system files (e.g., /etc/passwd, /etc/shadow, /etc/sudoers), changing permissions via a backdoor device, and performing privilege escalation (su root), which directly encourages compromising the host system state.