reverse-engineering-deep-analysis

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs extracting runtime secrets (passwords, API tokens, license keys, synthesized inputs) and shows examples where those values are printed, saved, and stored in MCP payloads, which requires the agent to handle and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill package contains multiple high-risk, dual‑use capabilities — automated memory dumping and secret extraction (credential/token harvesting), automated exploit scaffolding (ROP/shellcode, ASLR/DEP bypass), and persistence of findings to remote MCP storage — which could be readily abused for data exfiltration, credential theft, and system compromise.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs changing kernel ptrace settings with sudo and running debugging as root (e.g., echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope; sudo /re:dynamic ...), which directs obtaining elevated privileges and modifying host security settings, so it encourages compromising the host state.