審計紀錄
privilege-escalation-knowledge - 6 審計
審計版本 6
最新 嚴重Jun 28, 2026, 09:41 PM
Static findings are confirmed true positives: SKILL.md is an operational Linux privilege escalation playbook. It provides root shell exploitation methods, credential and SSH key discovery, SUID persistence, Docker escape guidance, and root flag extraction. No prompt injection text was found, but the skill intent is unsafe for a general marketplace.
嚴重問題 (5)
高風險問題 (3)
中風險問題 (2)
低風險問題 (1)
風險因素
⚙️ 外部命令 (14)
偵測到的模式
審計版本 5
安全Jan 16, 2026, 10:03 PM
Pure documentation/knowledge file (SKILL.md) containing educational security content. Static analyzer incorrectly flagged documentation of security concepts as threats. Contains shell command examples in markdown code blocks only - no executable code exists. This is legitimate security education equivalent to GTFOBins, OSCP materials, and security certification coursework. Requires existing initial access for authorized testing only.
風險因素
審計版本 4
安全Jan 16, 2026, 10:03 PM
Pure documentation/knowledge file (SKILL.md) containing educational security content. Static analyzer incorrectly flagged documentation of security concepts as threats. Contains shell command examples in markdown code blocks only - no executable code exists. This is legitimate security education equivalent to GTFOBins, OSCP materials, and security certification coursework. Requires existing initial access for authorized testing only.
風險因素
審計版本 3
安全Jan 10, 2026, 12:08 PM
Pure knowledge/prompt file containing educational security documentation. No executable code, no network calls, no file system access beyond reading its own file. Contains example commands for documentation purposes only.
審計版本 2
安全Jan 10, 2026, 12:08 PM
Pure knowledge/prompt file containing educational security documentation. No executable code, no network calls, no file system access beyond reading its own file. Contains example commands for documentation purposes only.
審計版本 1
安全Jan 10, 2026, 12:08 PM
Pure knowledge/prompt file containing educational security documentation. No executable code, no network calls, no file system access beyond reading its own file. Contains example commands for documentation purposes only.