container-escape-techniques

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The playbook explicitly instructs reading and outputting sensitive host secrets (e.g., cat /etc/shadow, cat /proc/1/root/etc/shadow), which directs exfiltration of passwords/hashes in plaintext.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This document is a clear, intentional attacker playbook: it provides step‑by‑step container escape and host compromise techniques (Docker socket/API abuse, nsenter, cgroup release_agent, runc/containerd CVEs), explicit credential theft and exfiltration examples (cat /etc/shadow), persistence/backdoor instructions (adding SSH keys, cron reverse shells), and methods to create privileged pods via stolen service account tokens — all indicating deliberate malicious intent to gain unauthorized host access and maintain persistence.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill contains explicit, actionable instructions to escape containers and obtain/abuse root/privileged access (mount host fs, nsenter, use /var/run/docker.sock, exploit CVEs, read/modify host files), which directly compromises the host machine state.