vulnerable-secret

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting, decoding, and printing/saving secrets (flags, keys, passwords) from binaries—including a Python template that prints decoded data—so an LLM following it would need to handle and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This skill contains detailed, actionable, dual-use guidance for extracting secrets, decoding obfuscated data, and bypassing anti-debugging/protections (e.g., LD_PRELOAD, binary patching), which can readily enable credential theft, backdoor implantation, or other system compromise if used maliciously.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly recommends bypassing anti-debugging and patching binaries (e.g., LD_PRELOAD, patching to skip checks) and directs writing files, which instructs actions that alter system state and can be used to circumvent protections, so it should be flagged.