sandbox-escape-detector

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.

16 stars

Best use case

sandbox-escape-detector is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.

Teams using sandbox-escape-detector should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/sandbox-escape-detector/SKILL.md --create-dirs "https://raw.githubusercontent.com/plurigrid/asi/main/plugins/asi/skills/sandbox-escape-detector/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/sandbox-escape-detector/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How sandbox-escape-detector Compares

Feature / Agentsandbox-escape-detectorStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Sandbox Escape Detector Skill

**Trit**: -1 (MINUS)
**Category**: tizen-security
**Author**: Tizen Community
**Source**: tizen/security
**License**: Apache-2.0

## Description

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities. Validates process isolation and capability limitations.

## When to Use

This is a Tizen security/IoT skill. Use when:
- Developing Tizen applications (web, native, .NET)
- Auditing Tizen app security
- Provisioning TizenRT/ARTIK IoT devices
- Implementing Tizen compliance
- Analyzing SMACK policies or Cynara access control

## Tizen Security Model

### SMACK (Simplified Mandatory Access Control Kernel)
- Linux kernel 3.12+ mandatory access control
- Process isolation via labels
- Prevent inter-app resource access

### Cynara
- Fast privilege access control service
- Policy-based permission checking
- External agent integration

### KeyManager
- Central secure storage repository
- Password-protected data access
- Certificate and key management

### Tizen Manifest
- Privilege declarations (public, partner, platform)
- App sandboxing configuration
- Resource access specifications

## Related Skills

- manifest-privilege-validator
- smack-policy-auditor
- tizen-cve-scanner
- sandbox-escape-detector
- cynara-policy-checker
- iot-device-provisioning

## References

- Tizen Official Docs: https://docs.tizen.org/
- Samsung Security Manager: https://github.com/Samsung/security-manager
- Samsung Cynara: https://github.com/Samsung/cynara
- TizenRT: https://github.com/Samsung/TizenRT

Related Skills

seatbelt-sandboxer

16
from plurigrid/asi

Generates minimal macOS Seatbelt sandbox configurations. Use when sandboxing, isolating, or restricting macOS applications with allowlist-based profiles.

performing-container-escape-detection

16
from plurigrid/asi

Detects container escape attempts by analyzing namespace configurations, privileged container checks, dangerous capability assignments, and host path mounts using the kubernetes Python client. Identifies CVE-2022-0492 style escapes via cgroup abuse. Use when auditing container security posture or investigating escape attempts.

implementing-email-sandboxing-with-proofpoint

16
from plurigrid/asi

Email sandboxing detonates suspicious attachments and URLs in isolated environments to detect zero-day malware and evasive phishing payloads. Proofpoint Targeted Attack Protection (TAP) is an industry

detecting-container-escape-with-falco-rules

16
from plurigrid/asi

Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file access, and privilege escalation.

detecting-container-escape-attempts

16
from plurigrid/asi

Container escape is a critical attack technique where an adversary breaks out of container isolation to access the host system or other containers. Detection involves monitoring for escape indicators

analyzing-malware-sandbox-evasion-techniques

16
from plurigrid/asi

Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction detection, and sleep inflation patterns from Cuckoo/AnyRun behavioral reports

analyzing-malware-behavior-with-cuckoo-sandbox

16
from plurigrid/asi

Executes malware samples in Cuckoo Sandbox to observe runtime behavior including process creation, file system modifications, registry changes, network communications, and API calls. Generates comprehensive behavioral reports for malware classification and IOC extraction. Activates for requests involving dynamic malware analysis, sandbox detonation, behavioral analysis, or automated malware execution.

criticality-detector

16
from plurigrid/asi

Criticality Detector Skill

jepsen-testing

16
from plurigrid/asi

Jepsen-style correctness testing for distributed systems under faults (partitions, crashes, clock skew) using concurrent operation histories and formal checkers (linearizability/serializability and Elle-style anomalies). Use when designing, implementing, or running Jepsen tests, or interpreting histories/violations.

Deterministic Color Generation via Metadata Hashing

16
from plurigrid/asi

**Status**: ✅ Production Ready

cyton-dongle

16
from plurigrid/asi

Connect and stream from OpenBCI Cyton/Daisy via USB dongle, including first-time radio channel pairing

asi-transient-agenda

16
from plurigrid/asi

Org-agenda-like transient views for ASI skill orchestration via nbb/squint + Emacs hydra