Shodan Reconnaissance and Pentesting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes commands and code that embed API keys directly (e.g., shodan init YOUR_API_KEY, curl ...?key=YOUR_KEY, API_KEY='YOUR_API_KEY'), which requires the agent to insert secret values verbatim into generated outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and parse untrusted public internet content from Shodan (e.g., shodan search/host/download results.json.gz, API host/search calls, and fields like http.html, http.title, and screenshots) and to act on those findings as part of the recon workflow, so third‑party webpages/banners/screenshots could indirectly inject instructions influencing subsequent actions.