SSH Penetration Testing

Fail

Audited by Snyk on Mar 9, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt contains numerous examples that embed secrets verbatim (literal passwords in code, an SSH public key string added to authorized_keys, curl commands to fetch id_rsa, and commands that print username:password), so an LLM following it would be instructed to handle and output secret values directly.

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). These URLs expose direct HTTP-accessible SSH private keys and an archive of SSH keys (and a localhost port), which are highly sensitive and could enable credential theft and unauthorized access if fetched. They are served insecurely over HTTP and are therefore high risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content provides explicit, actionable instructions for credential theft (brute-force, password spraying, key harvesting), covert access and pivoting (SOCKS proxy, remote port forwarding, ProxyJump), backdoor/persistence installation (appending SSH keys to authorized_keys), reverse-shell callbacks, and post‑exploitation data/credential exfiltration—behavior clearly enabling unauthorized access and long‑term compromise.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs fetching and interpreting content from arbitrary public targets — e.g., Phase 5's "curl -s http://target.com/.ssh/id_rsa" and Phase 2 banner-grabbing (nc/telnet, nmap -sV) — which causes the agent/operator to ingest untrusted third-party web/host content that can materially influence subsequent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill contains explicit, actionable instructions to modify system files and persist access (for example appending to /etc/proxychains.conf and adding keys to ~/.ssh/authorized_keys), perform post‑exploitation and reverse shells, and run brute‑force/exploit workflows that can change the machine's state and require elevated privileges.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 9, 2026, 11:33 PM