審計紀錄
pentest-coordinator - 6 審計
審計版本 6
最新 高風險Jun 28, 2026, 09:37 PM
Static command, network, filesystem, credential, and privilege-escalation findings are confirmed as real because the Markdown instructs an AI agent to execute offensive actions. The skill directs autonomous reconnaissance, exploitation, Active Directory account manipulation, credential attacks, and root flag capture with repeated instructions not to stop. No evidence found of third-party exfiltration or audit-specific prompt injection, but the unguarded autonomous offensive workflow is high risk and not safe to publish without strict authorization controls.
高風險問題 (5)
中風險問題 (3)
低風險問題 (2)
風險因素
⚙️ 外部命令 (7)
🌐 網路存取 (5)
📁 檔案系統存取 (4)
偵測到的模式
審計版本 5
高風險Jan 16, 2026, 09:56 PM
Legitimate penetration testing framework designed for CTF and lab environments. Contains offensive security capabilities (network scanning, exploitation, privilege escalation) but includes safety mechanisms (password budgets, time limits, circuit breakers). Static findings confirm legitimate pentesting tool patterns - no malicious intent detected. Designed for authorized testing only per documentation.
中風險問題 (1)
風險因素
⚙️ 外部命令 (2)
🌐 網路存取 (2)
📁 檔案系統存取 (2)
審計版本 4
高風險Jan 16, 2026, 09:56 PM
Legitimate penetration testing framework designed for CTF and lab environments. Contains offensive security capabilities (network scanning, exploitation, privilege escalation) but includes safety mechanisms (password budgets, time limits, circuit breakers). Static findings confirm legitimate pentesting tool patterns - no malicious intent detected. Designed for authorized testing only per documentation.
中風險問題 (1)
風險因素
⚙️ 外部命令 (2)
🌐 網路存取 (2)
📁 檔案系統存取 (2)
審計版本 3
中風險Jan 10, 2026, 12:07 PM
Legitimate penetration testing framework for authorized security testing. Contains offensive capabilities but includes safety mechanisms and is designed for controlled environments only.
中風險問題 (1)
風險因素
審計版本 2
中風險Jan 10, 2026, 12:07 PM
Legitimate penetration testing framework for authorized security testing. Contains offensive capabilities but includes safety mechanisms and is designed for controlled environments only.
中風險問題 (1)
風險因素
審計版本 1
中風險Jan 10, 2026, 12:07 PM
Legitimate penetration testing framework for authorized security testing. Contains offensive capabilities but includes safety mechanisms and is designed for controlled environments only.