bluehammer-vulnerability-poc

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The GitHub URL points to a C proof‑of‑concept exploit repository that includes build/run instructions (including disabling mitigations and changing ASLR) which makes it dangerous to download/compile/run outside an isolated lab, while ara.so appears to host the skill metadata rather than direct binaries — together they represent a potentially risky source for malicious or harmful code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md explicitly instructs cloning and inspecting a public GitHub repository (git clone https://github.com/Nightmare-Eclipse/BlueHammer.git) and reading the README and source/PoC code, so untrusted, user‑generated third‑party content would be ingested and could materially influence build/run/debug actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs users to run git clone https://github.com/Nightmare-Eclipse/BlueHammer.git and then compile/run the fetched C PoC, so it fetches remote code at runtime which is compiled and executed locally (direct remote-code execution dependency).

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt explicitly instructs using sudo to install packages and to disable ASLR (echo 0 | sudo tee /proc/sys/kernel/randomize_va_space), recommends running exploit PoC code, and suggests privileged container options—actions that modify system state and require privilege escalation.