infrastructure

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill is an explicit offensive pentesting playbook containing actionable commands and code for credential theft (sniffing, LLMNR/NTLM capture), backdoor/RCE techniques (Tomcat WAR/webshell deployment, Cheetah template injection, Modbus session hijacking), and DoS/amplification attacks, indicating clear deliberate malicious/abuse behavior.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow tells agents to read reference files and reference/ip-reputation.md explicitly includes curl/Shodan/VirusTotal/AbuseIPDB examples to fetch public, user-contributed reputation data that the agent would read and use to drive testing decisions, exposing it to untrusted third-party content.