red-team-adversary

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly states it "automatically integrates Public, Confidential (Company/Client), and Personal knowledge tiers, prioritizing the most specific secrets" and performs credential-focused attacks and PoCs, which implies the LLM will access and may need to use or output secrets verbatim, creating exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs active exploitation, bypassing authentication, and producing PoCs—activities that inherently encourage executing attacks or altering services on the host (even if claimed to be in a "sandbox/staging") and thus risk compromising machine state.