competition-kernel-container-escape
CommunityProve container-to-host boundary crossings.
Authorxjtu-wang
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Internal downstream skill for ctf-sandbox-orchestrator to map kernel and container boundaries, verify escape primitives, and validate sandbox assumptions across containerized workloads.
Core Features & Use Cases
- Workflow-driven isolation mapping: capture namespace, cgroup, capabilities, and runtime boundaries to prove or disprove host reachability.
- Primitive-to-boundary verification: separate and document the triggers, boundary crossings, and resulting host-visible effects.
- Reproducible audit trail: preserve a minimal, repeatable chain from container context to host-level outcome for security assessments.
Quick Start
Follow the downstream orchestration stage after $ctf-sandbox-orchestrator is active to map kernel and container boundaries and confirm boundary-crossing primitives.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: competition-kernel-container-escape Download link: https://github.com/xjtu-wang/DigAgent/archive/main.zip#competition-kernel-container-escape Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.