Skills
skills/mukul975/anthropic-cybersecurity-skills/conducting-full-scope-red-team-engagement/Snyk

conducting-full-scope-red-team-engagement

Fail

Audited by Snyk on Mar 15, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.95). The prompt contains multiple command examples that embed plaintext credentials and secret strings (e.g., domain/admin:password@..., wmiexec/psexec examples, and --secret=s3cr3t) and instructs actions that harvest or transmit credentials, which would require the agent to handle or output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content is explicitly an operational red-team playbook that includes step-by-step instructions and tooling for spearphishing, payload generation, C2 deployment, credential theft (LSASS dumps, Kerberoasting, DCSync), lateral movement (PsExec/WMI), and exfiltration channels — all deliberate techniques that enable backdoors, remote code execution, credential compromise and data exfiltration and are readily abusable if used without strict, authorized controls.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests and acts on public, untrusted third‑party content — e.g., SKILL.md's Reconnaissance OSINT steps and code (crt.sh JSON fetch, theHarvester/LinkedIn, breach searches) and scripts/agent.py calling attackcti.client.get_enterprise_techniques — and those external results are used to drive planning and tool selection, so third‑party content can materially influence agent behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs privilege-escalation and security-bypass techniques (e.g., UAC bypass), credential dumping (LSASS/Mimikatz), and setup of C2 infrastructure and offensive tools—actions that bypass protections and modify the host or its state—so it pushes the agent toward compromising the machine.

Issues (4)

W007
HIGH

Insecure credential handling detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 15, 2026, 09:04 AM
Issues
4