testing-for-host-header-injection

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This is an offensive, dual‑use testing skill that contains explicit, actionable techniques to cause data exfiltration (password reset poisoning, cache poisoning, SSRF to cloud metadata), internal service enumeration and routing manipulation—capabilities that can be deliberately abused to steal tokens/credentials and access internal resources.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow and code (SKILL.md curl examples and scripts/agent.py) explicitly send HTTP requests to arbitrary target URLs and read/parse resp.text (response bodies) from those targets, meaning the agent fetches and interprets untrusted third‑party web content that can materially influence findings and subsequent actions.