developing-bash
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides extensive guidance and automation for security auditing tools such as Nmap, Hydra, and the Metasploit Framework. It includes high-risk patterns for privilege escalation, such as escaping Docker containers by mounting the host root filesystem (`docker run -v /:/homeroot`) and bypassing sudo restrictions through editor shell escapes (e.g., `sudo vim -c ':!/bin/bash'`).
- [REMOTE_CODE_EXECUTION]: The documentation includes templates for automating remote command execution via SSH and Metasploit's Meterpreter payloads. It also describes persistence mechanisms using reverse shells scheduled through crontab.
- [DATA_EXFILTRATION]: Instructions are provided for harvesting sensitive system credentials, specifically using the `unshadow` tool to extract and combine `/etc/passwd` and `/etc/shadow` for offline password cracking. It also provides patterns for sending data to external webhooks.
- [CREDENTIALS_UNSAFE]: The skill references the use of `sshpass` for non-interactive password authentication. This method is generally considered unsafe as it can expose credentials in process lists, shell history, or script files.
Audit Metadata