broken-authentication

SUSPICIOUS: the skill is internally coherent as an offensive web-auth testing guide, but that stated purpose is itself high risk for an AI agent. It enables credential attacks, bypass techniques, and exploit workflows against external targets, with meaningful autonomy and indirect prompt-injection risk despite no obvious malware or exfiltration behavior.