system

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill content contains explicit, step-by-step operational instructions for credential theft (DPAPI/browser extraction, LSASS/NTDS access, Kerberoast/DCSync), remote code execution and backdoors (reverse shells, forged SSH certs, malicious DLLs/MSI, service binary replacement), privilege escalation and persistence techniques (SUID creation, cron/startup manipulation, AD ACL abuse, RBCD, ADCS abuses), and data exfiltration/pivoting patterns — all of which are deliberate abuse behaviors enabling system/domain compromise.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs the agent to perform enumeration, privilege escalation, and exploit development to achieve root/domain-admin access (e.g., kernel exploits, SUID/sudo abuse, AD attacks), which directly encourages compromising and modifying the machine and its state.