exploiting-server-side-request-forgery
Fail
Audited by Snyk on Mar 15, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This content intentionally documents and automates offensive SSRF techniques (cloud metadata access/credential theft, internal network/port scanning, protocol bypasses like gopher to achieve RCE, DNS rebinding and OOB exfiltration), which are explicit instructions for data exfiltration and system compromise and therefore present a high risk of malicious abuse.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's workflow and agent (SKILL.md and scripts/agent.py) send URL payloads and ingest/parse arbitrary responses from external and target-hosted endpoints (e.g., burpcollaborator.net, rbndr.us, interactsh domains and cloud metadata 169.254.169.254), and those untrusted responses are examined for indicators and drive findings/follow-up actions, so untrusted third‑party content can materially influence the agent's behavior.
Issues (2)
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).