exploiting-prototype-pollution-in-javascript

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content explicitly provides step-by-step exploit techniques and ready-to-use payloads (e.g., proto JSON/query vectors, NODE_OPTIONS and child_process usage, and template-engine gadgets) to achieve RCE, XSS, and authentication/authorization bypass, indicating clear malicious intent and high abuse potential.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly sends requests to arbitrary target URLs and parses untrusted HTTP responses as part of its workflow (see scripts/agent.py: test_json_pollution/test_query_pollution) and SKILL.md steps that instruct probing public pages/APIs, so third‑party content can directly influence findings and subsequent actions.