ctf-malware

Fail

Audited by Snyk on Apr 18, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs extracting and using secrets (e.g., Telegram bot token, RC4/AES keys) to call APIs or decrypt traffic, which requires embedding those secret values verbatim in requests/commands.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This skill contains detailed, actionable instructions for C2/backdoor behaviors (RC4/WSS, Telegram bot exfiltration), data exfiltration, credential theft, persistence and process injection techniques, and obfuscation/packing tricks—all deliberate malicious capabilities that enable remote compromise and backdoors.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's c2-and-protocols.md explicitly instructs using a recovered Telegram bot token to call the public Telegram API (api.telegram.org getUpdates/getFile) to fetch messages/files: untrusted, user-generated third-party content that the agent is expected to retrieve and interpret as part of analysis and that could materially influence subsequent actions.

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Apr 18, 2026, 02:22 AM
Issues
3