sql-injection-testing

Fail

Audited by Snyk on Mar 29, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and reporting credentials and database dumps (e.g., "Displays admin credentials", "Database dumps", "Extracted ...") which requires the agent to include secret values verbatim in its outputs, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). Contains explicit, actionable instructions for credential theft, authentication bypass, and out-of-band data exfiltration (DNS/HTTP callbacks to attacker-controlled hosts), which provide direct means to perform unauthorized access and steal data and therefore present high abuse potential.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly requires interacting with target web application URLs and inspecting HTTP responses (see "Inputs / Prerequisites: Target web application URL" and "Phase 1: Detection and Reconnaissance" which instructs monitoring application responses and error messages), so it ingests untrusted third‑party content that can influence subsequent attack payloads and actions.

Issues (3)

HIGH W007: Insecure credential handling detected in skill instructions.

CRITICAL E006: Malicious code pattern detected in skill scripts.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 29, 2026, 09:25 AM
Issues: 3