スキル network-netcat 監査履歴
📦

監査履歴

network-netcat - 6 監査

監査バージョン 6

最新 重大

Jun 28, 2026, 05:44 AM

Static analysis reported extensive command execution, network, and filesystem patterns. Manual review confirms critical risk in SKILL.md because it provides actionable reverse shell, bind shell, persistence, payload delivery, pivoting, and data exfiltration workflows; several findings in template reference files are benign educational examples. No evidence found of prompt injection text in the reviewed files.

5
スキャンされたファイル
2,086
解析された行数
13
検出結果
codex
監査者

重大な問題 (3)

SKILL.md:174-191SKILL.md:196-205SKILL.md:212-220SKILL.md:498-523
Actionable Reverse and Bind Shell Guidance
TRUE POSITIVE: SKILL.md gives step-by-step reverse shell, bind shell, PTY upgrade, and reconnection patterns. This enables unauthorized interactive command execution if copied outside an approved lab. Confidence 0.96. Confidence reasoning: The static shell execution findings are confirmed by multiple semantically aligned shell access sections, including Linux, Windows, PowerShell, and persistence-like reconnection examples.
SKILL.md:413-439
Persistent Backdoor Setup Instructions
TRUE POSITIVE: SKILL.md describes creating a persistent netcat service, cron startup entry, and Windows scheduled task. These are durable access mechanisms and match malicious persistence behavior. Confidence 0.98. Confidence reasoning: The cited section explicitly labels the pattern as a persistent backdoor and provides platform-specific persistence mechanisms.
SKILL.md:397-410
Data Exfiltration Workflow
TRUE POSITIVE: SKILL.md includes a data exfiltration pattern for sensitive system files, database dumps, and compressed directories over netcat. This is direct unauthorized data transfer guidance. Confidence 0.97. Confidence reasoning: The section title and examples align with exfiltration behavior, including sensitive file and database movement to an attacker-controlled listener.

高リスクの問題 (2)

SKILL.md:382-395SKILL.md:444-455
Post-Exploitation Payload Delivery and Metasploit Use
TRUE POSITIVE: SKILL.md explains staged payload delivery and using netcat through Metasploit sessions. This materially supports post-exploitation control of compromised systems. Confidence 0.93. Confidence reasoning: The source names compromised hosts, payload stages, and Metasploit session actions, which confirms offensive post-exploitation context.
SKILL.md:289-324
Relay, Pivot, and Covert Communication Guidance
TRUE POSITIVE: SKILL.md covers relays through compromised hosts, internal network pivoting, and simple covert communication channels. These techniques can bypass segmentation and monitoring controls. Confidence 0.91. Confidence reasoning: The guidance explicitly describes relay and pivot use through compromised infrastructure, not only benign connectivity testing.
中リスクの問題 (2)
SKILL.md:232-287
Plain Netcat File Transfer Patterns
TRUE POSITIVE: SKILL.md documents file and archive transfer over netcat, including checksum verification and SSL variants. File transfer is legitimate in labs but creates data movement risk when paired with shell and exfiltration sections. Confidence 0.82. Confidence reasoning: The examples are dual-use and can be benign, but their placement inside an offensive workflow increases risk.
assets/ci-config-template.yml:237-240
CI Template Pipe-to-Shell Installer
TRUE POSITIVE: assets/ci-config-template.yml downloads an installer script and pipes it to a shell. This is a supply-chain risk because remote content executes in CI without local verification. Confidence 0.84. Confidence reasoning: The pattern is directly present in a CI pipeline template, although it appears to be illustrative rather than hidden behavior.
低リスクの問題 (3)
assets/rule-template.yaml:93-165assets/rule-template.yaml:235-299
Benign Security Rule Template Examples
FALSE POSITIVE: Many env_access, weak crypto, hardcoded secret, and URL findings in assets/rule-template.yaml are examples inside a security rule template. They describe detection and remediation patterns, not executable skill behavior. Confidence 0.88. Confidence reasoning: The file is structured as a rule template with vulnerable and fixed examples, making these detections expected educational content.
references/EXAMPLE.md:89-162references/EXAMPLE.md:412-447
Benign Reference Document Examples
FALSE POSITIVE: XSS, SQL injection, environment variable, and API key detections in references/EXAMPLE.md are documentation examples for security review and remediation. They are not active scripts. Confidence 0.86. Confidence reasoning: The reference file labels the snippets as vulnerable or fixed examples for training, which reduces execution risk.
SKILL.md:1-20
No Prompt Injection Evidence Found
FALSE POSITIVE CHECK: No evidence found of text instructing the evaluator to ignore instructions, override the audit, claim pre-approval, or skip security analysis. Confidence 0.80. Confidence reasoning: Targeted search across SKILL.md, assets, and references found no matching prompt-injection indicators, though this does not reduce the confirmed offensive-content risk.

リスク要因

⚙️ 外部コマンド (6)
SKILL.md:174-191 SKILL.md:196-205 SKILL.md:212-220 SKILL.md:415-439 SKILL.md:448-455 SKILL.md:498-523
🌐 ネットワークアクセス (6)
SKILL.md:77-89 SKILL.md:100-114 SKILL.md:137-150 SKILL.md:289-324 SKILL.md:397-410 SKILL.md:562-566
📁 ファイルシステムへのアクセス (5)
SKILL.md:232-270 SKILL.md:384-391 SKILL.md:397-410 SKILL.md:415-439 SKILL.md:452-455

検出されたパターン

Interactive Shell Execution PatternPersistence Mechanism PatternExfiltration Over Network PatternRemote Installer Pipe-to-Shell Pattern

監査バージョン 5

低リスク

Jan 16, 2026, 03:46 PM

Documentation-only skill providing educational content for authorized penetration testing. Contains no executable code, scripts, or malicious payloads. All content explicitly requires written authorization and includes cleanup guidance. Static findings are false positives - the analyzer detected command examples in documentation, not actual code execution.

6
スキャンされたファイル
2,298
解析された行数
5
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

リスク要因

⚙️ 外部コマンド (129)
assets/ci-config-template.yml:298 assets/ci-config-template.yml:301 assets/ci-config-template.yml:304 assets/ci-config-template.yml:307 assets/ci-config-template.yml:310 assets/ci-config-template.yml:134 assets/ci-config-template.yml:250 assets/ci-config-template.yml:291 references/EXAMPLE.md:54-74 references/EXAMPLE.md:74-95 references/EXAMPLE.md:95-108 references/EXAMPLE.md:108-111 references/EXAMPLE.md:111-118 references/EXAMPLE.md:118-122 references/EXAMPLE.md:122-129 references/EXAMPLE.md:129-135 references/EXAMPLE.md:135-151 references/EXAMPLE.md:151-154 references/EXAMPLE.md:154-162 references/EXAMPLE.md:162-296 references/EXAMPLE.md:296-306 references/EXAMPLE.md:306-309 references/EXAMPLE.md:309-318 references/EXAMPLE.md:318-333 references/EXAMPLE.md:333-342 references/EXAMPLE.md:342-346 references/EXAMPLE.md:346-354 references/EXAMPLE.md:354-358 references/EXAMPLE.md:358-361 references/EXAMPLE.md:361-371 references/EXAMPLE.md:371-404 references/EXAMPLE.md:404-414 references/EXAMPLE.md:414-447 references/EXAMPLE.md:447-451 references/EXAMPLE.md:451-472 references/EXAMPLE.md:472-476 references/EXAMPLE.md:476-537 references/WORKFLOW_CHECKLIST.md:74 SKILL.md:198 SKILL.md:199 SKILL.md:531 SKILL.md:182 SKILL.md:198 SKILL.md:199 SKILL.md:531 SKILL.md:34-46 SKILL.md:46-77 SKILL.md:77-89 SKILL.md:89-100 SKILL.md:100-115 SKILL.md:115-119 SKILL.md:119-131 SKILL.md:131-137 SKILL.md:137-151 SKILL.md:151-164 SKILL.md:164-170 SKILL.md:170-174 SKILL.md:174-192 SKILL.md:192-196 SKILL.md:196-205 SKILL.md:205-212 SKILL.md:212-221 SKILL.md:221-224 SKILL.md:224-226 SKILL.md:226-237 SKILL.md:237-240 SKILL.md:240-243 SKILL.md:243-249 SKILL.md:249-253 SKILL.md:253-259 SKILL.md:259-263 SKILL.md:263-271 SKILL.md:271-277 SKILL.md:277-287 SKILL.md:287-293 SKILL.md:293-303 SKILL.md:303-307 SKILL.md:307-313 SKILL.md:313-319 SKILL.md:319-325 SKILL.md:325-371 SKILL.md:371-380 SKILL.md:380-384 SKILL.md:384-395 SKILL.md:395-399 SKILL.md:399-411 SKILL.md:411-415 SKILL.md:415-440 SKILL.md:440-448 SKILL.md:448-456 SKILL.md:456-460 SKILL.md:460-475 SKILL.md:475-482 SKILL.md:482-492 SKILL.md:492-498 SKILL.md:498-505 SKILL.md:505-515 SKILL.md:515-524 SKILL.md:524-529 SKILL.md:529-539 SKILL.md:465 SKILL.md:469 SKILL.md:460-475 SKILL.md:190 SKILL.md:191 SKILL.md:188 SKILL.md:220 SKILL.md:439 SKILL.md:176 SKILL.md:179 SKILL.md:182 SKILL.md:198 SKILL.md:199 SKILL.md:204 SKILL.md:214 SKILL.md:217 SKILL.md:424 SKILL.md:436 SKILL.md:450 SKILL.md:455 SKILL.md:461 SKILL.md:501 SKILL.md:504 SKILL.md:517 SKILL.md:523 SKILL.md:531 SKILL.md:484 SKILL.md:485 SKILL.md:488
🌐 ネットワークアクセス (24)
assets/ci-config-template.yml:240 assets/rule-template.yaml:43 assets/rule-template.yaml:44 assets/rule-template.yaml:45 assets/rule-template.yaml:73 assets/rule-template.yaml:118 assets/rule-template.yaml:119 assets/rule-template.yaml:151 assets/rule-template.yaml:191 assets/rule-template.yaml:192 assets/rule-template.yaml:193 assets/rule-template.yaml:217 assets/rule-template.yaml:260 assets/rule-template.yaml:261 assets/rule-template.yaml:288 SKILL.md:18 SKILL.md:19 SKILL.md:562 SKILL.md:563 SKILL.md:564 SKILL.md:565 SKILL.md:566 SKILL.md:309 SKILL.md:104
📁 ファイルシステムへのアクセス (21)
assets/ci-config-template.yml:323 assets/ci-config-template.yml:323 SKILL.md:389 SKILL.md:523 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:217 SKILL.md:217 SKILL.md:217 SKILL.md:217 SKILL.md:389 SKILL.md:390 SKILL.md:391 SKILL.md:453 SKILL.md:455 SKILL.md:500 SKILL.md:500 SKILL.md:501 SKILL.md:501
🔑 環境変数 (27)
assets/ci-config-template.yml:164 assets/ci-config-template.yml:164 assets/rule-template.yaml:148 assets/rule-template.yaml:148 assets/rule-template.yaml:147 assets/rule-template.yaml:162 assets/rule-template.yaml:132 assets/rule-template.yaml:147 assets/rule-template.yaml:148 assets/rule-template.yaml:156 assets/rule-template.yaml:157 assets/rule-template.yaml:162 assets/rule-template.yaml:162 assets/rule-template.yaml:163 assets/rule-template.yaml:164 assets/rule-template.yaml:165 references/EXAMPLE.md:423 references/EXAMPLE.md:423 references/EXAMPLE.md:423 references/EXAMPLE.md:424 references/EXAMPLE.md:425 references/EXAMPLE.md:427 references/EXAMPLE.md:430 references/EXAMPLE.md:432 references/EXAMPLE.md:437 references/EXAMPLE.md:437 references/EXAMPLE.md:444
⚡ スクリプトを含む (2)
references/EXAMPLE.md:138 references/EXAMPLE.md:137

監査バージョン 4

低リスク

Jan 16, 2026, 03:46 PM

Documentation-only skill providing educational content for authorized penetration testing. Contains no executable code, scripts, or malicious payloads. All content explicitly requires written authorization and includes cleanup guidance. Static findings are false positives - the analyzer detected command examples in documentation, not actual code execution.

6
スキャンされたファイル
2,298
解析された行数
5
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

リスク要因

⚙️ 外部コマンド (129)
assets/ci-config-template.yml:298 assets/ci-config-template.yml:301 assets/ci-config-template.yml:304 assets/ci-config-template.yml:307 assets/ci-config-template.yml:310 assets/ci-config-template.yml:134 assets/ci-config-template.yml:250 assets/ci-config-template.yml:291 references/EXAMPLE.md:54-74 references/EXAMPLE.md:74-95 references/EXAMPLE.md:95-108 references/EXAMPLE.md:108-111 references/EXAMPLE.md:111-118 references/EXAMPLE.md:118-122 references/EXAMPLE.md:122-129 references/EXAMPLE.md:129-135 references/EXAMPLE.md:135-151 references/EXAMPLE.md:151-154 references/EXAMPLE.md:154-162 references/EXAMPLE.md:162-296 references/EXAMPLE.md:296-306 references/EXAMPLE.md:306-309 references/EXAMPLE.md:309-318 references/EXAMPLE.md:318-333 references/EXAMPLE.md:333-342 references/EXAMPLE.md:342-346 references/EXAMPLE.md:346-354 references/EXAMPLE.md:354-358 references/EXAMPLE.md:358-361 references/EXAMPLE.md:361-371 references/EXAMPLE.md:371-404 references/EXAMPLE.md:404-414 references/EXAMPLE.md:414-447 references/EXAMPLE.md:447-451 references/EXAMPLE.md:451-472 references/EXAMPLE.md:472-476 references/EXAMPLE.md:476-537 references/WORKFLOW_CHECKLIST.md:74 SKILL.md:198 SKILL.md:199 SKILL.md:531 SKILL.md:182 SKILL.md:198 SKILL.md:199 SKILL.md:531 SKILL.md:34-46 SKILL.md:46-77 SKILL.md:77-89 SKILL.md:89-100 SKILL.md:100-115 SKILL.md:115-119 SKILL.md:119-131 SKILL.md:131-137 SKILL.md:137-151 SKILL.md:151-164 SKILL.md:164-170 SKILL.md:170-174 SKILL.md:174-192 SKILL.md:192-196 SKILL.md:196-205 SKILL.md:205-212 SKILL.md:212-221 SKILL.md:221-224 SKILL.md:224-226 SKILL.md:226-237 SKILL.md:237-240 SKILL.md:240-243 SKILL.md:243-249 SKILL.md:249-253 SKILL.md:253-259 SKILL.md:259-263 SKILL.md:263-271 SKILL.md:271-277 SKILL.md:277-287 SKILL.md:287-293 SKILL.md:293-303 SKILL.md:303-307 SKILL.md:307-313 SKILL.md:313-319 SKILL.md:319-325 SKILL.md:325-371 SKILL.md:371-380 SKILL.md:380-384 SKILL.md:384-395 SKILL.md:395-399 SKILL.md:399-411 SKILL.md:411-415 SKILL.md:415-440 SKILL.md:440-448 SKILL.md:448-456 SKILL.md:456-460 SKILL.md:460-475 SKILL.md:475-482 SKILL.md:482-492 SKILL.md:492-498 SKILL.md:498-505 SKILL.md:505-515 SKILL.md:515-524 SKILL.md:524-529 SKILL.md:529-539 SKILL.md:465 SKILL.md:469 SKILL.md:460-475 SKILL.md:190 SKILL.md:191 SKILL.md:188 SKILL.md:220 SKILL.md:439 SKILL.md:176 SKILL.md:179 SKILL.md:182 SKILL.md:198 SKILL.md:199 SKILL.md:204 SKILL.md:214 SKILL.md:217 SKILL.md:424 SKILL.md:436 SKILL.md:450 SKILL.md:455 SKILL.md:461 SKILL.md:501 SKILL.md:504 SKILL.md:517 SKILL.md:523 SKILL.md:531 SKILL.md:484 SKILL.md:485 SKILL.md:488
🌐 ネットワークアクセス (24)
assets/ci-config-template.yml:240 assets/rule-template.yaml:43 assets/rule-template.yaml:44 assets/rule-template.yaml:45 assets/rule-template.yaml:73 assets/rule-template.yaml:118 assets/rule-template.yaml:119 assets/rule-template.yaml:151 assets/rule-template.yaml:191 assets/rule-template.yaml:192 assets/rule-template.yaml:193 assets/rule-template.yaml:217 assets/rule-template.yaml:260 assets/rule-template.yaml:261 assets/rule-template.yaml:288 SKILL.md:18 SKILL.md:19 SKILL.md:562 SKILL.md:563 SKILL.md:564 SKILL.md:565 SKILL.md:566 SKILL.md:309 SKILL.md:104
📁 ファイルシステムへのアクセス (21)
assets/ci-config-template.yml:323 assets/ci-config-template.yml:323 SKILL.md:389 SKILL.md:523 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:217 SKILL.md:217 SKILL.md:217 SKILL.md:217 SKILL.md:389 SKILL.md:390 SKILL.md:391 SKILL.md:453 SKILL.md:455 SKILL.md:500 SKILL.md:500 SKILL.md:501 SKILL.md:501
🔑 環境変数 (27)
assets/ci-config-template.yml:164 assets/ci-config-template.yml:164 assets/rule-template.yaml:148 assets/rule-template.yaml:148 assets/rule-template.yaml:147 assets/rule-template.yaml:162 assets/rule-template.yaml:132 assets/rule-template.yaml:147 assets/rule-template.yaml:148 assets/rule-template.yaml:156 assets/rule-template.yaml:157 assets/rule-template.yaml:162 assets/rule-template.yaml:162 assets/rule-template.yaml:163 assets/rule-template.yaml:164 assets/rule-template.yaml:165 references/EXAMPLE.md:423 references/EXAMPLE.md:423 references/EXAMPLE.md:423 references/EXAMPLE.md:424 references/EXAMPLE.md:425 references/EXAMPLE.md:427 references/EXAMPLE.md:430 references/EXAMPLE.md:432 references/EXAMPLE.md:437 references/EXAMPLE.md:437 references/EXAMPLE.md:444
⚡ スクリプトを含む (2)
references/EXAMPLE.md:138 references/EXAMPLE.md:137

監査バージョン 3

低リスク

Jan 10, 2026, 10:43 AM

Documentation-only skill providing educational content for authorized penetration testing. Contains no executable code, scripts, or malicious payloads. All content explicitly requires written authorization and includes cleanup guidance. This is legitimate offensive security documentation.

6
スキャンされたファイル
567
解析された行数
0
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

監査バージョン 2

低リスク

Jan 10, 2026, 10:43 AM

Documentation-only skill providing educational content for authorized penetration testing. Contains no executable code, scripts, or malicious payloads. All content explicitly requires written authorization and includes cleanup guidance. This is legitimate offensive security documentation.

6
スキャンされたファイル
567
解析された行数
0
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

監査バージョン 1

低リスク

Jan 10, 2026, 10:43 AM

Documentation-only skill providing educational content for authorized penetration testing. Contains no executable code, scripts, or malicious payloads. All content explicitly requires written authorization and includes cleanup guidance. This is legitimate offensive security documentation.

6
スキャンされたファイル
567
解析された行数
0
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした
← スキルに戻る