OSCP Notes

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes commands that embed plaintext credentials/keys directly (e.g., smbclient -U "username%password", crackmapexec -u 'user' -p 'pass', redis SET ssh_key "ssh-rsa AAAA...") and explicitly lists "captured credentials" as a deliverable, meaning the agent may be required to handle and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains explicit, actionable offensive techniques (reverse shells, RCE/exploits, SSH key injection via Redis, FTP upload of webshells, credential cracking and exfiltration methods, and persistence approaches) that enable unauthorized access, credential theft, and system compromise—making it high risk if misused.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes explicit commands that modify the host system (e.g., echo "10.10.10.135 target.htb" >> /etc/hosts, creating /mnt directories and mounting filesystems) which require elevated privileges and change the machine's state, so it directs actions that can compromise the agent host.