pentest-client-advanced

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content explicitly describes and automates high-risk offensive techniques for data exfiltration and credential theft (CORS PoCs that read cross-origin data, CSS-based exfiltration/keylogging, WebSocket hijacking/CSWSH, postMessage abuse, storage inspection and PoC generation), which are malicious-capability patterns that require strict authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and analyzes arbitrary target URLs and page JavaScript (see references/tools.md and references/workflows.md: corscanner_scan, postmessage_scanner, storage_inspector, websocket_client_connect and the various poc_generate functions) which causes the agent to ingest untrusted public web content and user-generated page data, enabling indirect prompt injection.