zero-day

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is high-risk dual-use research material: it includes extensive, actionable exploit templates and PoCs (command injection, SSRF to IMDS for credential theft, deserialization RCE, IAM escalation, fuzzing/exploit skeletons, file-system and network exfiltration examples) that can be directly repurposed for unauthorized data exfiltration, remote code execution, credential theft, and supply-chain abuse despite its stated responsible-use constraints.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 0 "Intelligence Gathering" explicitly instructs fetching and reading public third‑party sources (e.g., curl to the NVD API, GitHub Security Advisories, searchsploit, and checking community sources like oss-security, Full Disclosure, r/netsec, Hacker News, and Twitter/X) as part of the required workflow, so untrusted user-generated content could influence decisions and tool use.