sqlmap-database-pentesting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and reporting sensitive data (usernames, passwords, hashes) and includes example request files containing plaintext credentials, which requires the LLM to handle and potentially output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content explicitly provides step-by-step instructions for automated SQL injection exploitation — including database dumps of credentials, automated credential/hash extraction, OS shell execution, file upload (webshell planting), mass scanning (bulk/Google dorks), and evasion/anonymity techniques (tamper scripts, Tor, random-agent) — all high-risk features that enable data exfiltration and remote system compromise if misused.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs running sqlmap against arbitrary public targets (e.g., -u "URL") and loading external request/log/bulk files and Google dorks (Advanced Target Options: -r, -l, -m, -g), so the agent will fetch and interpret untrusted third‑party web content whose responses can directly change scanning/exploitation actions.