pentest-validation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill mandates producing reproducible PoC evidence for confirmed findings (e.g., cookie theft PoC, forged JWT/admin access, cloud metadata extraction, credential discovery), which implicitly requires the agent to handle and often output exfiltrated secret values verbatim in reports.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires a target_url in its SKILL.md configuration and orchestration steps and runs Tier 2/3 validation pipelines that send payloads to and ingest live HTTP responses from external staging URLs (e.g., "https://staging.example.com"), meaning the agent will read and act on untrusted third-party web content as part of its workflow.