Broken Authentication Testing
Fail
Audited by Snyk on Mar 4, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The content contains multiple explicit, actionable techniques for credential theft, account takeover, and detection-evasion (credential stuffing with breached lists, JWT "none" forgery, session fixation, host-header reset redirection to attacker domains, IP rotation/X-Forwarded-For rate-limit bypasses, OTP brute-forcing guidance), which are clear instructions that can be used for deliberate malicious abuse despite being framed as testing.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and analyzing content from arbitrary target web applications and public breach datasets—e.g., requests.get("https://target.com/login") in Phase 6, capturing password reset links in Phase 10, and using "Have I Been Pwned"/SecLists in credential testing—which are untrusted third-party sources whose content can drive subsequent testing actions.