testing-for-xxe-injection-vulnerabilities
Audited by Socket on Mar 15, 2026
2 alerts found:
Security, Obfuscated File
SUSPICIOUS/HIGH-RISK skill. Its stated purpose matches its capabilities, but that purpose is to equip an AI agent with offensive exploitation workflows, including exfiltration and SSRF. The main additional concern is the unpinned install of XXEinjector from a personal GitHub repo. This is not confirmed malware, but it is a high-risk offensive security skill that should be tightly restricted.
The snippet is a dual-use security guide: it correctly recommends defusedxml to mitigate XXE risks but also provides explicit offensive XXE payloads and testing instructions that are actionable. The content itself is not malware, but it enables potential exploitation if used against vulnerable or unauthorized targets. Use the offensive examples only in authorized test environments and apply recommended mitigations in production (disable DTD/external entities, restrict outbound network access).