Skills
skills/sickn33/antigravity-awesome-skills/ssh-penetration-testing/Snyk

ssh-penetration-testing

Fail

Audited by Snyk on Feb 27, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill includes examples that embed and print credentials and keys verbatim (e.g., Paramiko prints username:password, hardcoded password in the example, echoing an "ssh-rsa ..." key into authorized_keys), which requires the model to handle and output secret values directly.

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). These URLs expose sensitive SSH private keys and a key-archive on an external host (and reference a localhost tunnel endpoint), which are high-risk because downloading such files can immediately enable unauthorized access or be used to deliver/execute malicious payloads.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill contains explicit, actionable instructions for credential theft (brute-force and harvesting keys/passwords), backdoor/persistence (adding public keys to authorized_keys), remote command execution and reverse shells (ssh -R reverse tunnels and Paramiko automation), pivoting/tunneling for data exfiltration, and evasion techniques — all patterns consistent with deliberate malicious abuse.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Phase 5 "Check for exposed keys" explicitly instructs fetching web-accessible keys with curl/wget (e.g., curl -s http://target.com/.ssh/id_rsa), which requires the agent to retrieve and act on content from arbitrary public URLs and could let untrusted third-party data influence subsequent actions like authentication attempts.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs actions that change system state (e.g., appending SSH keys to authorized_keys, modifying /etc/proxychains.conf, creating reverse tunnels/exposing local services, and post-exploitation persistence) which can modify or compromise the machine the agent runs on.
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 27, 2026, 11:20 PM