performing-external-network-penetration-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt embeds plaintext credentials in example commands (e.g., -p 'Spring2025!' for password spraying and SNMP community "public"), which requires the agent to output secret-like values verbatim and thus poses a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's recon and scanning workflow explicitly fetches and ingests untrusted, public third‑party content (e.g., subfinder/amass outputs, crt.sh via curl, GitHub/Shodan/OSINT sources in SKILL.md and the scripts/process.py and scripts/agent.py) and then uses those discoveries to drive subsequent scans and actions (updating target lists, running nuclei/nmap), so external content can materially influence tool use and next steps.