tunneling-and-pivoting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The playbook includes commands that embed plaintext secrets (e.g., -pw password, -P password, --secret=SHARED_SECRET, -k PASSWORD) and instructs placing shared passwords/keys directly into CLI/tool invocations, which would require the model to output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is explicitly malicious: it provides step-by-step, operational guidance for establishing covert tunnels, reverse shells and pivot chains (SSH port forwards, Chisel, Ligolo‑ng, socat, DNS/ICMP/HTTP tunneling, web shells, plink/netsh, ProxyChains, etc.) that enable remote code execution, backdoor access, lateral movement and data exfiltration from compromised hosts.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The playbook explicitly instructs privileged system changes (sudo ip tuntap, ip route add, editing /etc/proxychains4.conf, netsh portproxy, binding to 0.0.0.0, etc.), which require elevated privileges and modify the host's network/config state, so it pushes the agent to compromise the machine state.