testing-for-xss-vulnerabilities

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains explicit instructions and payloads for stealing session cookies and other sensitive data (e.g., XSS Hunter / remote callback payloads, image/fetch exfiltration examples), guidance to use captured admin sessions for takeover, and WAF/CSP bypass techniques — all of which enable deliberate data exfiltration and credential theft if misused.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime agent (scripts/agent.py) issues requests.get/requests.post to arbitrary base_url, params, and endpoints (as defined in SKILL.md and the script) and reads/interprets the returned HTML/headers — including user-generated content like support tickets and forum posts — to drive payload selection and follow-up tests, so it clearly ingests untrusted third-party web content.