sql-injection-testing

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill explicitly contains step-by-step exploitation techniques (authentication bypass, data extraction, and out‑of‑band exfiltration to attacker-controlled hosts) and evasion methods that enable deliberate theft of credentials and sensitive data, representing high-risk malicious capability despite an ethical testing framing.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly requires interacting with a target web application URL (see SKILL.md "Required Access") and its Core Workflow (Detection and Reconnaissance) instructs fetching/issuing requests and reading application responses/error messages from arbitrary sites, so untrusted third-party content can influence subsequent exploitation steps.