windows-privilege-escalation

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides commands to modify system services to execute arbitrary binaries with elevated privileges, such as using sc config to redirect service binary paths to reverse shell payloads. It also provides instructions for executing exploit binaries like JuicyPotato.exe and PrintSpoofer.exe.
  • [CREDENTIALS_UNSAFE]: Includes methodologies for harvesting sensitive credentials from system files such as the SAM and SYSTEM hives, as well as searching the registry and file system for plaintext passwords and WiFi security keys.
  • [EXTERNAL_DOWNLOADS]: References numerous third-party security tools and exploit scripts, including WinPEAS, Seatbelt, Watson, and Sherlock.ps1, which are not hosted within trusted organizations.
  • [REMOTE_CODE_EXECUTION]: Demonstrates how to generate and execute malicious MSI packages via msfvenom to establish reverse shells with system-level privileges.
  • [DATA_EXFILTRATION]: Provides the means to capture and extract sensitive information such as password hashes and session data, often using network-capable utilities like Netcat.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests and processes untrusted data from system commands.
  • Ingestion points: Outputs from commands like systeminfo, wmic, net user, and icacls.
  • Boundary markers: None identified; system command outputs are interpolated directly into the context.
  • Capability inventory: High-impact capabilities including service modification, credential access, and exploit execution.
  • Sanitization: No evidence of sanitization or validation of data ingested from the target system environment.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 27, 2026, 11:48 PM