hash-attack-techniques

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The playbook explicitly shows commands and code that require inserting MACs/secrets verbatim (e.g., hashpump/hash_extender with "known_mac_hex", constructing/sending candidate HMAC values in timing attacks), so an agent following it would need to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is an explicit, actionable offensive playbook—providing step‑by‑step tools, scripts, and commands for MD5/SHA‑1 collisions, HMAC timing attacks, password cracking (hashcat/John), rainbow tables, and binary/certificate forgery—capable of enabling credential theft, forgery/substitution of binaries or certificates, and other deliberate abuses.