Skills
skills/mukul975/anthropic-cybersecurity-skills/conducting-wireless-network-penetration-test/Snyk

conducting-wireless-network-penetration-test

Fail

Audited by Snyk on Mar 15, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs capturing and documenting credentials (including an example PSK "Company2024!" shown verbatim), which requires the agent to handle and potentially output secret values directly, creating exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). High-risk dual-use content: the skill explicitly instructs and implements credential-theft techniques (WPA/WPA2 handshake and PMKID capture, MSCHAPv2 capture via rogue RADIUS, captive-portal credential harvesting), active attacks (deauthentication frames, evil-twin/rogue AP deployment) that enable man-in-the-middle and DoS behavior — no hidden backdoor, remote exfiltration, or obfuscated payloads were found.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly captures and parses untrusted, user-generated wireless frames (beacon and probe requests) from nearby third parties—see SKILL.md "Step 1: Wireless Reconnaissance" and scripts/agent.py (scan_access_points, detect_client_probes, capture_handshake)—and then uses those discoveries (BSSIDs/SSIDs) to drive actions like deauthentication, rogue AP detection, and handshake capture, so external content can materially influence tool use and next actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs running privileged wireless tools (airmon-ng, hostapd-mana, dnsmasq, aireplay-ng) and deploying rogue APs and services that require root, modify network interfaces/configuration, and create/alter service configuration files—actions that change the host machine's state and effectively require privilege escalation.

Issues (4)

W007
HIGH

Insecure credential handling detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 15, 2026, 09:04 AM
Issues
4