exploiting-nosql-injection-vulnerabilities

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly instructs and exemplifies blind extraction and a proof-of-concept report that includes extracted passwords and API keys, which would require the agent to capture and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains explicit, actionable exploitation instructions and automation for authentication bypass, blind data extraction (credential theft), and server-side JavaScript ($where) injection that can lead to remote code execution — enabling high-risk misuse and unauthorized data exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime scripts (scripts/agent.py and scripts/process.py) and the SKILL.md curl examples explicitly fetch and parse responses from arbitrary target URLs (external web apps), and the code inspects response.text and status codes to drive vulnerability decisions and blind-extraction loops—i.e., untrusted third-party web content is ingested and directly influences subsequent actions.