審計紀錄
exploitation-knowledge - 6 審計
審計版本 6
最新 高風險Jun 28, 2026, 09:34 PM
Static findings are mostly true positives for dangerous instructional content, not for hidden executable malware. The skill provides actionable exploitation workflows, reverse shells, Metasploit usage, SQL injection shell access, file reads, credential testing, and flag capture. No evidence found of prompt injection or automatic code execution during skill loading.
高風險問題 (4)
中風險問題 (3)
低風險問題 (1)
風險因素
偵測到的模式
審計版本 5
安全Jan 16, 2026, 09:52 PM
This is a pure documentation/methodology knowledge base for penetration testing education. The static scanner flagged 154 patterns found in documentation examples (tool references, command syntax, IP addresses) but failed to recognize the educational context. All findings are FALSE POSITIVES - this skill contains only written guidance about exploitation techniques, no executable code, no network operations, and no file system access. Content is consistent with authorized security research and industry-standard pentesting methodology used by security professionals on platforms like HackTheBox.
風險因素
🌐 網路存取 (24)
⚙️ 外部命令 (76)
審計版本 4
安全Jan 16, 2026, 09:52 PM
This is a pure documentation/methodology knowledge base for penetration testing education. The static scanner flagged 154 patterns found in documentation examples (tool references, command syntax, IP addresses) but failed to recognize the educational context. All findings are FALSE POSITIVES - this skill contains only written guidance about exploitation techniques, no executable code, no network operations, and no file system access. Content is consistent with authorized security research and industry-standard pentesting methodology used by security professionals on platforms like HackTheBox.
風險因素
🌐 網路存取 (24)
⚙️ 外部命令 (76)
審計版本 3
安全Jan 10, 2026, 12:07 PM
Pure knowledge-base skill containing only documentation and methodology guidance for penetration testing. No executable code, scripts, network operations, or file system access beyond reading the skill file itself. Content is consistent with authorized security research and educational purposes.
審計版本 2
安全Jan 10, 2026, 12:07 PM
Pure knowledge-base skill containing only documentation and methodology guidance for penetration testing. No executable code, scripts, network operations, or file system access beyond reading the skill file itself. Content is consistent with authorized security research and educational purposes.
審計版本 1
安全Jan 10, 2026, 12:07 PM
Pure knowledge-base skill containing only documentation and methodology guidance for penetration testing. No executable code, scripts, network operations, or file system access beyond reading the skill file itself. Content is consistent with authorized security research and educational purposes.