ctf-crypto

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill content is an offensive "CTF crypto" playbook that explicitly documents multiple exploitation techniques (padding-oracle → CBC bitflip RCE, Bleichenbacher/Manger timing/padding oracles, homomorphic decryption bypasses, secret-key/PRNG state recovery, Dual_EC_DRBG backdoor exploitation, proof-forgery methods, etc.) which can be directly used to achieve remote code execution, private-key recovery, signature/key-forgery, or oracle‑based data exfiltration; while dual‑use for education/CTF, those concrete, actionable attack recipes constitute high-risk guidance for system compromise and backdoor abuse.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md prerequisites explicitly instruct fetching and using public, user-generated resources (e.g., "git clone https://github.com/RsaCtfTool/RsaCtfTool" and external services like quipqiup.com/dcode.fr), meaning the agent's workflow expects ingesting third‑party content that could materially affect tool behavior.