WordPress Penetration Testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill contains multiple examples and commands that embed API tokens, basic-auth credentials, and plaintext passwords (e.g., --api-token YOUR_API_TOKEN, --http-auth admin:password, set PASSWORD jessica), which would require the model to handle or output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is high-risk: it provides explicit, actionable exploitation instructions including reverse shells, a webshell/backdoor plugin (system($_GET['cmd'])), theme editor RCE, Metasploit exploits, credential brute‑forcing (wp-login and XML‑RPC multicall), user enumeration/credential harvesting, and detection‑evasion (proxy/Tor/disable TLS) — all clear patterns for deliberate malicious activity and backdoor access.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — the SKILL.md explicitly instructs fetching and parsing arbitrary public websites (e.g., multiple curl commands like "curl -s http://target.com | grep ...", WPScan commands such as "wpscan --url http://target.com", and REST API calls like "curl -s http://target.com/wp-json/wp/v2/users") and uses that untrusted, user-controlled content to decide enumeration and exploitation actions.