performing-red-team-phishing-with-gophish

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows passing an API key as a command-line argument (--api-key ) and embedding it directly in code (Gophish("api_key")), which requires the LLM to handle and output secret values verbatim, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill explicitly automates phishing campaigns (creating tracked email templates, SMTP sending profiles, bulk target imports, and landing pages with capture_credentials=True) which directly facilitates credential theft and mass phishing abuse—making it high-risk for malicious use, though I found no obfuscated payloads, eval/exec backdoors, or hidden remote-code execution mechanisms in the code.