performing-wireless-network-penetration-test

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). High risk — the content contains explicit, actionable instructions and automation (including scripts) for deauthentication attacks, handshake/PMKID capture and cracking, rogue AP/evil‑twin setups and EAP credential harvesting, all of which enable credential theft and unauthorized network access and can be used maliciously.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill actively ingests and acts on untrusted, user-generated wireless broadcast data (SSIDs/BSSIDs) and airodump-ng capture CSVs—see SKILL.md (passive scanning, handshake capture, rogue AP/evil twin phases) and scripts/agent.py & scripts/process.py (scan_networks, _parse_airodump_csv, capture_handshake, detect_rogue_aps)—which the agent uses to choose targets and drive attack actions, so third-party broadcasts could indirectly influence behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt contains explicit privileged and state-changing instructions—e.g., using sudo bettercap, running "airmon-ng check kill", enabling monitor mode, writing/starting hostapd/dnsmasq configs and running services—that modify network interfaces and system services and require root access.