exploiting-api-injection-vulnerabilities

Fail

Audited by Socket on Apr 6, 2026

2 alerts found:

Security, Malware

Security: MEDIUM
scripts/agent.py

This code is best classified as a high-risk active vulnerability probing/exploitation-assistance tool. It directly injects explicit SQL/NoSQL/command payloads (including potentially destructive SQL patterns) into attacker-supplied endpoints and uses error-string and time/response-size heuristics to infer vulnerability behavior. While it does not show classic malware behaviors (exfiltration/backdoor/persistence) in this snippet, its offensive request-generation capability and the insecure TLS setting (verify=False) make it dangerous in a supply-chain context unless strictly controlled for authorized testing only.

Confidence: 78%
Severity: 78%

Malware: HIGH
SKILL.md

The skill is a high-risk offensive security capability for AI agents. Its stated purpose matches its behavior, but that behavior includes exploitation, data extraction, internal network access, and command execution on targets; this makes it suspicious and dangerous even with authorization language.

Confidence: 96%
Severity: 97%

Audit Metadata

Analyzed At: Apr 6, 2026, 11:56 AM
Package URL: pkg:socket/skills-sh/mukul975%2Fanthropic-cybersecurity-skills%2Fexploiting-api-injection-vulnerabilities%2F@4cdafeb87de4e0acd3275566b768bfa729c222ce