testing-for-xss-vulnerabilities

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content contains explicit, actionable instructions and payloads for exfiltrating sensitive data and hijacking accounts (e.g., XSS Hunter callbacks, image src cookie exfiltration, fake login overlays and keylogging), and describes using captured session cookies to compromise admin accounts — behavior that is deliberate exploitation and high-risk abuse despite the "authorized testing" framing.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's agent actively fetches and parses arbitrary target web pages and user-submitted content (e.g., requests.get calls to base_url and param URLs in scripts/agent.py and the SKILL.md workflow Steps 1–4), and uses the response text to determine contexts, choose payloads, and drive subsequent testing actions—meaning untrusted third‑party content can directly influence tool behavior.