documentation

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). Contains a high-risk auto-login mu-plugin that functions as a backdoor (login via ?dev_login=USER_ID or username), which can enable unauthorized admin access and privilege escalation if installed on a non-local or publicly-accessible site; other parts (screenshot tooling, Playwright scripts, metadata in /tmp) are operational but not overtly malicious.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill instructs installing and copying an "auto-login" mu-plugin into wp-content (effectively bypassing WordPress authentication) and running scripts that write files to the site, which modifies system state and can circumvent security controls.