performing-external-network-penetration-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes explicit plaintext credentials passed on the command line (e.g., sprayhound -p 'Spring2025!' and snmpwalk -c public), which demonstrates embedding secrets verbatim and thus would require the LLM to handle/output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill clearly ingests and acts on public, untrusted third‑party content — for example scripts/process.py calls subfinder and parses its output (subdomains), scripts/agent.py performs dns_enumeration and run_nmap_scan against discovered hosts, and SKILL.md shows fetching certificate transparency via crt.sh and OSINT sources (Shodan, GitHub, Pastebin) — and those externally sourced results are used to drive scans, exploitation attempts, and reporting, so third‑party content can materially influence agent behavior.