SQLMap Database Penetration Testing

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content provides explicit, actionable instructions for automated SQL injection exploitation including database/table/column enumeration, dumping credentials and hashes, remote OS command execution, and file upload/read (and even guidance for discovering targets), which directly enable data exfiltration, credential theft, and remote compromise if used without authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and analyzing arbitrary public web content (e.g., via -u target URLs, -m bulkfile of URLs, -g Google dorks, -r Burp request files, and -l log files), so the agent would ingest untrusted third-party pages/responses that could carry indirect prompt injection.