AWS Penetration Testing

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: CRITICAL

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill instructs extracting and then embedding credentials verbatim into commands and environment variables (e.g., export AWS_ACCESS_KEY_ID=ASIA..., enumerate-iam.py --access-key AKIA... --secret-key ..., aws_consoler -a AKIAXXXX -s SECRETKEY), which requires the LLM to handle and output secret values directly, posing an exfiltration risk.

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.95). These URLs are high-risk: they include AWS metadata endpoints and SSRF proxy patterns that enable credential exfiltration, S3/grayhatwarfare endpoints that can host arbitrary binaries, and links to offensive tooling (Pacu, enumerate-iam, aws_consoler), which is dual-use and commonly used to distribute or run executable payloads. Together they present a suspicious download/execution surface.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content contains explicit, actionable instructions for credential theft (IMDS, Secrets Manager), privilege escalation (IAM manipulations, Lambda backdoors), remote code execution and persistence (updating Lambda, EC2/SSM/containers), and log disabling/covering tracks, making it high-risk malicious guidance.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit privileged local actions (e.g., using sudo to create/mount /mnt/stolen), and instructs techniques that obtain or abuse elevated privileges and persist changes, which would modify or compromise the host/agent machine state.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 15, 2026, 08:24 PM