exploit-sqli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill includes and instructs use of inline credentials (e.g., --cookie="sessionid=abc123", --data="username=admin&password=test") and command examples that embed session IDs/passwords directly, which forces the LLM to produce outputs containing secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is explicitly an offensive SQL-injection exploitation toolkit (sqlmap usage, payload lists, tamper/WAF-evasion, payload generators and automated testers) that contains many high-risk, deliberate abuse patterns enabling data exfiltration (dumping DBs, reading /etc/passwd, extracting credentials), remote command execution and shells (xp_cmdshell, sqlmap --os-shell/--os-pwn, UTL_HTTP/DBMS_LOCK/pg_sleep patterns used for RCE/interaction), and persistence/destructive actions (DROP/INSERT/stacked queries), so it is highly dangerous if used without authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and analyzes arbitrary external webpages (e.g., boolean_sqli_tester.py's fetch_url uses urllib to request user-supplied target URLs and the SKILL.md/sqlmap workflows instruct scanning arbitrary public URLs), so untrusted third‑party content is ingested and can directly influence tool decisions and next actions.