858 B
858 B
CLAUDE-BLADE — Blade IA Windows Remote Agent
OOB chain: Master → S204 → pending_exec.json → Blade heartbeat → Invoke-Expression → oob_result
Agent v2.4 (C:\ProgramData\WEVAL\weval-sentinel-agent-v24.ps1)
- Heartbeat every 60s → blade-api.php
- OOB exec_cmd: reads from heartbeat response, executes, POSTs result
- Task poll: GET /api/blade-api.php?action=poll → execute PowerShell/Python/System
- Null-safe Get-Counter (Win32_Processor fallback)
- Single-instance lock file
Proven
- oob_result_20260410_210529: result="LAPTOP-VE75QUHF" IP=160.178.129.33
- CPU/RAM/Disk/Uptime metrics live
- Task queue: push/poll/execute/report
Master Intents
- blade exec oob : queue arbitrary PowerShell
- blade queue check: heartbeat age + task stats
- blade oob status: pending/archives
- blade force restart: kill+relaunch agent