ssrf-testing

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). Contains explicit, actionable exploitation techniques (cloud metadata access for credential theft, gopher/Redis payloads that install cron reverse shells, FastCGI/port scanning and redirection tricks) enabling data exfiltration, remote code execution, and persistence—highly dangerous if misused.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill contains explicit, actionable payloads and instructions (file:// access, SSRF to 127.0.0.1, Redis/Gopher payloads that write cronjobs and execute shells, suggestions to probe/modify local services) that would enable an agent to read or modify the host system and thus compromise the machine state.