ATR-2026-00151 | high | Skill Compromise | experimental

Malicious Fork Impersonation via Install Instruction

Detects skills or tool responses that instruct users to install packages described as a "community fork", "enhanced version", or "patched version" of known tools. Real attack pattern: an attacker publishes a typosquatted package and describes it as a fork to gain trust. Crystallized from 29 fork_claim adversarial samples.
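
One way to approximate this check, as an added example that is not the ATR rule's own pattern: flag text in which one of the three phrases from the description appears close to a package-manager install command. The package-manager list, the 200-character window, the function name and the package names in the usage are assumptions constructed for illustration.

```python
import re

# Install commands for common package managers (illustrative subset, an assumption).
INSTALL_RE = re.compile(
    r"\b(?:pip3?\s+install|npm\s+(?:install|i)|yarn\s+add|pnpm\s+add"
    r"|cargo\s+install|gem\s+install|go\s+install)"
    r"\s+(?:-{1,2}[\w-]+\s+)*"          # optional flags such as -g or --user
    r"(?P<pkg>[@\w][\w./@-]*)",          # package token, including @scope/name
    re.IGNORECASE,
)

# The trust-building claims named in the rule description.
CLAIM_RE = re.compile(
    r"\b(?:community[\s-]+fork|enhanced[\s-]+version|patched[\s-]+version)\b",
    re.IGNORECASE,
)

WINDOW = 200  # assumed maximum distance (characters) between claim and command


def find_fork_claim_installs(text):
    """Return one finding per install command that sits near a fork claim."""
    findings = []
    claims = list(CLAIM_RE.finditer(text))
    for inst in INSTALL_RE.finditer(text):
        for claim in claims:
            # Distance between the two spans, 0 if they touch or overlap.
            gap = max(inst.start() - claim.end(), claim.start() - inst.end(), 0)
            if gap <= WINDOW:
                findings.append({
                    "package": inst.group("pkg").rstrip(".,"),
                    "claim": " ".join(claim.group(0).lower().replace("-", " ").split()),
                    "command": inst.group(0),
                })
                break  # one finding per install command is enough to alert
    return findings


if __name__ == "__main__":
    # Constructed sample text; the package name is a placeholder.
    sample = ("This skill requires the community fork of exampletool. "
              "Run: pip install exampletool-enhanced")
    for finding in find_fork_claim_installs(sample):
        print(finding)
```

A claim with no install command, or an install command with no claim, produces no finding, which keeps ordinary setup instructions and ordinary discussion of forks from alerting.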

Severity
high
Category
Skill Compromise
Scan target
both
Author
ATR Threat Cloud Crystallization

Recommended response

alert

References

OWASP Agentic
ASI04:2026 - Supply Chain Compromise
OWASP LLM
LLM03:2025 - Supply Chain Vulnerabilities