sandbox-escape-detector
Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.
Best use case
sandbox-escape-detector is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.
Teams using sandbox-escape-detector should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/sandbox-escape-detector/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How sandbox-escape-detector Compares
| Feature / Agent | sandbox-escape-detector | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Sandbox Escape Detector Skill **Trit**: -1 (MINUS) **Category**: tizen-security **Author**: Tizen Community **Source**: tizen/security **License**: Apache-2.0 ## Description Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations. ## When to Use This is a Tizen security/IoT skill. Use when: - Developing Tizen applications (web, native, .NET) - Auditing Tizen app security - Provisioning TizenRT/ARTIK IoT devices - Implementing Tizen compliance - Analyzing SMACK policies or Cynara access control ## Tizen Security Model ### SMACK (Simplified Mandatory Access Control Kernel) - Linux kernel 3.12+ mandatory access control - Process isolation via labels - Prevent inter-app resource access ### Cynara - Fast privilege access control service - Policy-based permission checking - External agent integration ### KeyManager - Central secure storage repository - Password-protected data access - Certificate and key management ### Tizen Manifest - Privilege declarations (public, partner, platform) - App sandboxing configuration - Resource access specifications ## Related Skills - manifest-privilege-validator - smack-policy-auditor - tizen-cve-scanner - sandbox-escape-detector - cynara-policy-checker - iot-device-provisioning ## References - Tizen Official Docs: https://docs.tizen.org/ - Samsung Security Manager: https://github.com/Samsung/security-manager - Samsung Cynara: https://github.com/Samsung/cynara - TizenRT: https://github.com/Samsung/TizenRT
Related Skills
seatbelt-sandboxer
Generates minimal macOS Seatbelt sandbox configurations. Use when sandboxing, isolating, or restricting macOS applications with allowlist-based profiles.
performing-container-escape-detection
Detects container escape attempts by analyzing namespace configurations, privileged container checks, dangerous capability assignments, and host path mounts using the kubernetes Python client. Identifies CVE-2022-0492 style escapes via cgroup abuse. Use when auditing container security posture or investigating escape attempts.
implementing-email-sandboxing-with-proofpoint
Email sandboxing detonates suspicious attachments and URLs in isolated environments to detect zero-day malware and evasive phishing payloads. Proofpoint Targeted Attack Protection (TAP) is an industry
detecting-container-escape-with-falco-rules
Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file access, and privilege escalation.
detecting-container-escape-attempts
Container escape is a critical attack technique where an adversary breaks out of container isolation to access the host system or other containers. Detection involves monitoring for escape indicators
analyzing-malware-sandbox-evasion-techniques
Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction detection, and sleep inflation patterns from Cuckoo/AnyRun behavioral reports
analyzing-malware-behavior-with-cuckoo-sandbox
Executes malware samples in Cuckoo Sandbox to observe runtime behavior including process creation, file system modifications, registry changes, network communications, and API calls. Generates comprehensive behavioral reports for malware classification and IOC extraction. Activates for requests involving dynamic malware analysis, sandbox detonation, behavioral analysis, or automated malware execution.
criticality-detector
Criticality Detector Skill
jepsen-testing
Jepsen-style correctness testing for distributed systems under faults (partitions, crashes, clock skew) using concurrent operation histories and formal checkers (linearizability/serializability and Elle-style anomalies). Use when designing, implementing, or running Jepsen tests, or interpreting histories/violations.
Deterministic Color Generation via Metadata Hashing
**Status**: ✅ Production Ready
cyton-dongle
Connect and stream from OpenBCI Cyton/Daisy via USB dongle, including first-time radio channel pairing
asi-transient-agenda
Org-agenda-like transient views for ASI skill orchestration via nbb/squint + Emacs hydra