wooyun-legacy
Audited by Socket on Mar 18, 2026
2 alerts found:
Security, Anomaly
SUSPICIOUS: the skill is internally consistent as a penetration-testing knowledge base, but it intentionally enables offensive security work and gives the agent Bash capability. There are no credential, exfiltration, or supply-chain concerns in the text; the main risk is that an AI agent could use this guidance against unintended targets.
This is an offensive/defensive SQL injection methodology document containing explicit, actionable payloads and exploitation techniques (including file write/read and DB->OS escalation). It is not executable malware, but it meaningfully increases attackability if discovered by attackers. Use for defensive training and code audits; restrict distribution. Remediation guidance is present and should be applied in codebases exhibiting the documented vulnerable patterns.