DDoS Attack Testing

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These links point to a private/local IP (potentially hosting arbitrary binaries) and GitHub repos that publish DoS/attack tools (Slowloris, GoldenEye)—legitimate for testing but dual‑use and commonly abused to deliver or run malicious payloads, so they should be treated as high risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content contains explicit, actionable instructions and tooling for conducting DDoS attacks (SYN/UDP/ICMP floods, application-layer attacks, source spoofing, and GUI attack tools), enabling straightforward malicious abuse and therefore presents a high risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs use of sudo, installing packages, and editing system files (e.g., /etc/snort/rules/local.rules), and directs running network-traffic-generating tools (hping3, Slowloris, LOIC) that modify system state and require elevated privileges.