ctf-malware

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the analyst to "use bot token from malware source to call getUpdates and getFile APIs," which requires embedding a recovered secret/token verbatim in API requests/commands, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is a dual-use but high-risk malware-analysis playbook that documents and instructs on backdoor/C2 behaviors (reverse shells, WebSocket/HTTP C2, process injection), data exfiltration techniques (Telegram/C2 upload, screenshots, keylogs), credential theft (keylogging, token recovery), persistence and system compromise (registry Run keys, hollowing, startup scripts), supply-chain vectors (malicious postinst/package analysis), and extensive obfuscation/anti-analysis techniques — all of which can be used intentionally to build, hide, and operate malware or backdoors.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's c2-and-protocols.md explicitly instructs calling the Telegram Bot API (getUpdates/getFile) to retrieve messages and files from a bot token — i.e., fetching arbitrary, user-generated third-party content that the workflow expects the agent to download and interpret.