penetration-tester-master

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly directs active exploitation and post‑exploitation tasks (e.g., "steal cookies", read configuration files like /etc/passwd, collect logs and PoCs) which imply exfiltrating and reproducing secret values verbatim in outputs, creating a high risk of secret handling/exfiltration.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains explicit, actionable instructions for credential theft (e.g., "steal cookies"), data exfiltration goals, maintaining access/covering tracks, use of payload frameworks (Metasploit) and privilege escalation techniques, all of which are high-risk behaviors that can be used to create backdoors or enable unauthorized remote compromise.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Reconnaissance & OSINT" and Execution Protocol explicitly instruct the agent to gather target intel from public sources (e.g., Shodan, Google Dorks, WHOIS, exposed Jenkins/Git configs), so the agent is expected to fetch and interpret untrusted third‑party web content that could influence subsequent exploit actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to execute exploits, perform post‑exploitation/privilege escalation (including reading system files like /etc/passwd, maintaining access, and covering tracks), actions that would modify or compromise the host system state and enable persistence or privilege changes.