container-escape-techniques

github.com/yaklang/hack-skills
Verdict: Proceed with caution
0 critical5 high1 medium
C
SCORE 55 / 100
$skillox install container-escape-techniquesSoon
Sign in to followFollowing emails you when a re-scan drops the grade. Opt-out is per-creator on /account/billing.

Why grade C?

score · 55 / 100

The current grade reflects 5 high-severity findings (3+ HIGHs → C).

0 CRIT5 HIGH1 MED0 LOW
To reach a higher grade
  • B
    Reach Btarget score 75

    Resolve 3 of 5 HIGH (cap is 2).

  • A
    Reach Atarget score 95

    Resolve all 5 HIGH.

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Latest scan findings

Scan crawl-ck0wknz51n3kpfffpbcf31ci · Thu, 28 May 2026 17:29:02 GMT · 2ms

high
Sensitive filesystem path referenced
The skill references a path (`\/etc\/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreachline: 78CWE-552
76
77# Access host filesystem
78cat /mnt/host/etc/shadowsensitive path — credential-exfiltration vector
79chroot /mnt/host bash
80```
high
Sensitive filesystem path referenced
The skill references a path (`\/etc\/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreachline: 98CWE-552
96# Access host processes via /proc
97ls /proc/1/root/ # Host root filesystem
98cat /proc/1/root/etc/shadowsensitive path — credential-exfiltration vector
99
100# Inject into host process
high
Sensitive filesystem path referenced
The skill references a path (`\/etc\/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreachline: 156CWE-552
154# Works when DAC_READ_SEARCH capability is granted
155gcc shocker.c -o shocker
156./shocker /etc/shadow # Read host filesensitive path — credential-exfiltration vector
157```
158
high
Sensitive filesystem path referenced
The skill references a path (`\/etc\/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreachline: 192CWE-552
190cat > /cmd << 'EOF'
191#!/bin/sh
192cat /etc/shadow > /output 2>&1 # Or: reverse shellsensitive path — credential-exfiltration vector
193EOF
194chmod +x /cmd
high
Sensitive filesystem path referenced
The skill references a path (`\/etc\/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreachline: 235CWE-552
233# Access host processes directly:
234ls /proc/1/root/ # Host's root filesystem
235cat /proc/1/root/etc/shadowsensitive path — credential-exfiltration vector
236
237# Inject into host process:
med
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule: no-manifest
View latest scan →
skillox.io/c/container-escape-techniques