ssrf-server-side-request-forgery

MALICIOUS. This skill’s stated purpose is offensive exploitation, and its actual footprint matches that: it teaches an AI agent to probe targets, exfiltrate cloud/Kubernetes secrets, use known callback collectors, and chain SSRF into internal service abuse and RCE. There is limited installer risk in the skill itself, but the exploit guidance and exfiltration-oriented data flows make it fundamentally unsafe.