beef

Fail

Audited by Snyk on Apr 8, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). Yes — together these links point to a Browser Exploitation Framework setup that instructs downloading/running a remote hook.js from an attacker-controlled IP and executing install scripts (and exposes a local control panel), so the remote script and install commands are high-risk vectors for delivering malicious code or persistent browser compromise.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This skill explicitly documents and instructs use of BeEF — a browser exploitation framework — including injecting hook.js, stealing cookies/credentials, clipboard/keylogging, camera access, internal port scanning, social‑engineering phishing modules, and persistence (service workers), i.e. deliberate offensive/backdoor and data‑exfiltration capabilities.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs injecting a Hook URL () so target browsers fetch and execute arbitrary remote JavaScript (hook.js) from third-party URLs, and the framework processes that untrusted content to drive Modules/actions (e.g., Get Cookie, Port Scanner), so external content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill instructs injecting a runtime script tag that fetches and executes external JavaScript from "http://YOUR_IP:3000/hook.js" (the BeEF hook), which is a required runtime dependency that executes remote code in hooked browsers.

Issues (4)

CRITICAL E005: Suspicious download URL detected in skill instructions.

CRITICAL E006: Malicious code pattern detected in skill scripts.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 8, 2026, 04:44 PM
Issues: 4