exploiting-sql-injection-vulnerabilities

Fail

Audited by Snyk on Mar 15, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content includes explicit, actionable instructions and tooling for data exfiltration (schema/data dumps), credential theft (admin password extraction), account creation via stacked queries, and remote code execution (sqlmap --os-shell, xp_cmdshell/INTO OUTFILE), which together enable clear malicious compromise if used without authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill (SKILL.md workflow and scripts/agent.py) explicitly sends HTTP requests to arbitrary target URLs (see scripts/agent.py send and detect* functions) and parses response.text/content for SQL error messages and timing, meaning it ingests untrusted public web responses that directly influence detection and follow-up exploitation actions.

Issues (2)

E006 (CRITICAL): Malicious code pattern detected in skill scripts.

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 15, 2026, 01:28 PM
Issues: 2