exploiting-broken-function-level-authorization

This skill is purpose-aligned and not deceptive, but it is a high-risk offensive security skill for AI agents. It enables automated privilege-escalation testing and potentially destructive API actions using real credentials; there is no hidden exfiltration or suspicious installer, but the capability itself is dangerous and should be tightly controlled.