cmdi-command-injection
Fail
Audited by Snyk on Apr 10, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.95). The list contains multiple high-risk indicators — attacker-controlled domains and Burp Collaborator placeholders for OOB exfiltration, a direct PowerShell script URL (shell.ps1), and an exploit GitHub repository — which are classic vectors for distributing/mounting malware (while a few entries are benign placeholders like example.com or 127.0.0.1, the overall set is suspicious).
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This document is an explicit offensive command‑injection playbook containing step‑by‑step payloads and techniques (OOB DNS/HTTP exfiltration, reverse shells, remote code execution, persistence and privilege escalation, and obfuscation/WAF‑bypass methods) intended to enable unauthorized data theft and system compromise — clearly malicious.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt is an explicit command-injection attack playbook containing payloads and instructions (reverse shells, reading/writing /etc files, writing CGI/.htaccess, LD_PRELOAD, OOB exfiltration and privilege-escalation techniques) that direct actions which modify system state and bypass security controls.
Issues (3)
- CRITICAL E005: Suspicious download URL detected in skill instructions.
- CRITICAL E006: Malicious code pattern detected in skill scripts.
- MEDIUM W013: Attempt to modify system services in skill instructions.
Audit Metadata