bettercap

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). 此技能明确描述并指导如何执行中间人攻击（ARP 欺骗）、流量/凭据嗅探、HTTPS/SSL 剥离、Wi‑Fi 去认证与 BLE 侦察等滥用行为，意图为窃取凭据和被动/主动入侵网络流量，属于高风险恶意工具内容。

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs performing ARP MITM and traffic capture/SSL stripping (e.g., the "ARP 中间人攻击 + 凭据嗅探" steps with net.sniff on and https.proxy on), which causes the agent to ingest arbitrary, untrusted third‑party network/web content that could carry instructions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). It explicitly instructs running privileged commands (sudo bettercap) and activating ARP spoofing, Wi‑Fi deauthentication, SSL stripping and traffic sniffing — actions that require root and actively modify/compromise the machine's network state and surrounding hosts.