web-security-expert

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains explicit offensive payloads and instructions (e.g., SQLi UNION to dump users, SSRF to 169.254.169.254, command-injection examples) that directly enable credential theft and data exfiltration, representing high-risk dual-use malicious capabilities.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The prompt supplies LFI/SSRF/RCE payloads (including access to /etc/passwd and 169.254.169.254) that encourage probing and reading local services/files but does not instruct the agent to escalate privileges, modify system files, or create accounts, so it poses limited but nonzero risk.