sqlmap-database-pentesting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and reporting sensitive data (usernames, passwords, hashes) and includes example request files containing plaintext credentials, which requires the LLM to handle and potentially output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill is clearly malicious: it gives explicit, actionable instructions for automated SQL injection exploitation including data exfiltration (dumping credentials and hashes), credential theft, obtaining remote OS shells and file upload (webshell installation), and evasion/anonymity techniques, which facilitate backdoors, remote code execution, and unauthorized system compromise.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs running sqlmap against arbitrary public targets (e.g., -u "URL") and loading external request/log/bulk files and Google dorks (Advanced Target Options: -r, -l, -m, -g), so the agent will fetch and interpret untrusted third‑party web content whose responses can directly change scanning/exploitation actions.