pt-post-exploitation
Performs authorized post-exploitation activities to assess impact, lateral movement paths, credential exposure, and detection gaps after initial compromise. Use when a foothold has been validated and the test requires controlled impact expansion analysis.
90
85%
Does it follow best practices?
Impact
100%
1.63xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Security
1 medium severity finding. This skill can be installed but you should review these findings before use.
W013: Attempt to modify system services in skill instructions
What this means
The skill prompts the agent to compromise the security or integrity of the user’s machine by modifying system-level services or configurations, such as obtaining elevated privileges, altering startup scripts, or changing system-wide settings.
Why it was flagged
Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly directs the agent to perform post-exploitation activities (privilege escalation, credential access, lateral movement, artifact creation/cleanup) which inherently involve modifying system state and potentially obtaining elevated/sudo-like capabilities despite the "authorized" caveat.
- Repository
- santosomar/ethical-hacking-agent-skills
- Commit
a8ff73a
- Audited
- Security analysis
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.