security-testing
Fail
Audited by Snyk on Feb 25, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This document contains explicit, actionable instructions for credential theft (static AWS IAM key/SSM access), data exfiltration (DNS tunneling, Prometheus/Loki abuse), remote access/route injection, WAF bypass, privilege escalation, and supply-chain compromise—capabilities that are clearly usable for deliberate malicious activity if misused.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs state-changing and adversarial actions (creating pods and HTTPRoutes, labeling namespaces to disable enforcement, querying/exfiltrating secrets, and performing privilege escalation/WAF bypasses), which directly compromise the target environment.
Audit Metadata