SMTP Penetration Testing

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). Although framed as authorized penetration testing, the content provides explicit, actionable instructions for user enumeration, brute-force credential attacks, open-relay exploitation, and spoofing/header injection — high-risk techniques that enable credential theft and abuse if used without authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to connect to arbitrary external SMTP servers and public DNS records (e.g., banner grabbing via telnet/nc/nmap and MX/TXT lookups with dig/nslookup) and to parse those untrusted server responses as part of its workflow, which exposes it to third-party, potentially user-controlled content.