AWS Penetration Testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs extracting and then embedding credentials verbatim into commands and environment variables (e.g., export AWS_ACCESS_KEY_ID=ASIA..., enumerate-iam.py --access-key AKIA... --secret-key ..., aws_consoler -a AKIAXXXX -s SECRETKEY), which requires the LLM to handle and output secret values directly, posing an exfiltration risk.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.95). These URLs are high-risk: they include AWS metadata endpoints and SSRF proxy patterns that enable credential exfiltration, S3/grayhatwarfare endpoints that can host arbitrary binaries, and links to offensive tooling (Pacu, enumerate-iam, aws_consoler) which are dual-use and commonly used to distribute or run executable payloads — together they present a suspicious download/execution surface.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content provides highly actionable, step‑by‑step instructions to steal AWS credentials, escalate privileges, persist access (including Lambda code injection and mounting EBS volumes), exfiltrate data, and evade detection—enabling unauthorized compromise and data exfiltration.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit privileged local actions (e.g., using sudo to create/mount /mnt/stolen), and instructs techniques that obtain or abuse elevated privileges and persist changes, which would modify or compromise the host/agent machine state.