test-attack-technique

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to run commands that can return secret values (e.g., aws secretsmanager get-secret-value), to parse "retrieved credentials, tokens, or exfiltrated data," and to capture/include CLI commands and outputs (for the HTML report and user prompts), which requires embedding secret values verbatim in the agent's output.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The skill is explicitly an orchestration tool for executing offensive Stratus Red Team techniques: it automates creation/execution/cleanup of real attacks, instructs parsing and capturing of retrieved credentials, tokens, and exfiltrated data, and documents destructive behaviors (e.g., S3 ransomware deletion), which enables deliberate credential theft, data exfiltration, and system compromise if used without authorization.