conducting-internal-network-penetration-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains numerous literal passwords and credentials embedded directly in commands and code (e.g., -p 'Password123', 'AdminPass123', sa:DbPassword123), requiring the agent to reproduce secret values verbatim and thus creating high exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill explicitly documents and automates offensive techniques for credential theft, lateral movement, privilege escalation, domain compromise (Responder, mitm6, ntlmrelayx, PetitPotam, Mimikatz, DCSync, Golden/Silver tickets) and accessing sensitive data — behaviors that can be used as deliberate malicious actions or backdoors if misused.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running privileged/network-manipulating and privilege-escalation commands (e.g., "sudo responder", "sudo mitm6", raw nmap scans, meterpreter getsystem, Mimikatz), which require or attempt to obtain elevated privileges and can modify or compromise the agent's host state.