network-protocol-attacks

Fail

Audited by Snyk on Apr 9, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This playbook contains explicit, actionable instructions and tooling for traffic interception, credential capture and relay (LLMNR/NTLM/mitm6/ntlmrelayx), domain compromise (machine account creation/RBCD), remote command execution, VLAN/STP manipulation, DNS/DHCPv6 poisoning, and IDS/IPS evasion—clearly intended to enable unauthorized access, credential theft, lateral movement, and persistence.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using Responder and mitm6 to capture and parse LLMNR/NBT-NS/mDNS/DHCPv6 responses and NetNTLM hashes from victim hosts (see SKILL.md §2–§4 and NAME_RESOLUTION_POISONING.md §1–§4), i.e., ingesting untrusted third-party network traffic and credentials that directly drive cracking/relay actions and subsequent tool use.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs privileged modifications to the host (e.g., echo 1 > /proc/sys/net/ipv4/ip_forward, modprobe, editing /etc/ettercap/etter.dns, creating VLAN interfaces and running raw-packet tools), which change kernel/network state and require elevated/sudo privileges, so it pushes the agent to compromise the machine's state.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 9, 2026, 01:13 PM
Issues: 3