pentest-network-internal

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). Contains explicit, actionable instructions and tool integrations for credential harvesting, brute-forcing, exploitation, and lateral movement (e.g., responder, hydra, EternalBlue/ZeroLogon, credential capture), which are high-risk, dual-use capabilities that can be abused for malicious activity.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill makes outbound content requests and parses public internet resources (e.g., httpx_probe fetching arbitrary web pages and passive discovery tools like amass_scan and subfinder_scan) and the AI-assisted workflows explicitly analyze/interpret those scan results, so it ingests untrusted third‑party web/DNS content.