model-inversion

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs probing models with prompts designed to elicit secrets (e.g., "API key: sk-", "The password for admin is") and collects/stores the LLM responses verbatim, which requires handling and outputting secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill explicitly documents and provides runnable code for privacy attacks (membership inference, training-data extraction including API keys/SSNs, attribute and gradient reconstruction), which enable high-risk extraction of sensitive data—while it contains no obvious backdoor/network exfiltration code, the content is clearly dual-use and poses a high privacy risk.