SQL Injection Testing

Fail

Audited by Snyk on Mar 10, 2026

Risk Level: CRITICAL

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and reporting sensitive data (usernames, passwords, database dumps, and authentication-bypass proof-of-concepts), which requires the agent to include secret values verbatim in its outputs.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content is explicitly malicious: it provides detailed, actionable SQL injection exploitation techniques including authentication bypass, credential and schema extraction, and out-of-band data exfiltration payloads (DNS/HTTP to attacker-controlled hosts) plus encoding/obfuscation methods to evade defenses, which enables deliberate theft and unauthorized access.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly requires interacting with arbitrary target web application URLs and instructs the agent to read and interpret application responses/error messages (see "Required Access: Target web application URL with injectable parameters" and the "Core Workflow" tests), which are untrusted third‑party content that can directly influence subsequent payloads and actions.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 10, 2026, 01:14 AM