mitm-find-ssrf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to include "Evidence" showing requests from the mitmproxy log and to output request/test commands drawn from log.txt, which can contain verbatim Authorization headers, cookies, or API keys, so the LLM would need to handle and potentially emit secret values from the captured traffic.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The content is a dual-use pentesting guide that explicitly provides step-by-step abuse patterns to exfiltrate sensitive data (cloud metadata/AWS credentials), probe internal networks, and perform OOB exfiltration—high-risk exploit instructions—but it does not contain backdoor code, obfuscated payload execution, or direct remote‑code-execution primitives.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires ingesting and analyzing a mitmproxy dump file (log.txt) containing captured third-party HTTP traffic (see "Requires: log.txt" and the grep/base64 parsing steps in SKILL.md), so untrusted, user-generated web content is read and used to drive testing and follow-up actions (curl tests), which could allow indirect prompt-injection via crafted payloads in the logs.