exploiting-prototype-pollution-in-javascript

SUSPICIOUS/HIGH-RISK skill. Its stated purpose and capabilities are internally consistent, but that purpose is to help an AI agent actively exploit vulnerabilities, including XSS, RCE, and authorization bypass on remote targets. Install trust is mostly normal and there is no strong evidence of credential harvesting or covert exfiltration, so this is not confirmed malware; however, as an offensive security/exploit skill for an agent, it poses high security risk.