The Agent Skills Directory

[COMMAND_EXECUTION]: The SKILL.md file provides numerous curl command examples for performing HTTP POST and GET requests with prototype pollution payloads against remote endpoints.
[REMOTE_CODE_EXECUTION]: Documentation in SKILL.md and references/api-reference.md includes exploit payloads that leverage template engine gadgets (e.g., EJS, Pug) to execute system-level commands using child_process.execSync.
[EXTERNAL_DOWNLOADS]: The scripts/agent.py utility utilizes the requests library to conduct network-based vulnerability scanning against user-defined target URLs.
[DATA_EXFILTRATION]: The automated scanner script is designed to accept an authentication token from the user and transmit it to the specified target URL as part of the exploit verification process.

exploiting-prototype-pollution-in-javascript