ssti-server-side-template-injection

This fragment is not executable dependency code; it is an offensive, operational SSTI/ELI/RCE exploitation guide containing actionable payloads (including webshell/command-execution recipes and bypass techniques). There is no evidence of supply-chain malware behavior in the artifact itself (no runtime logic, secrets, networking, or persistence). The main risk is high misuse/weaponization potential if such content is included in a software distribution or repository where trust and governance are expected.

SUSPICIOUS/HIGH-RISK skill. It is internally consistent as an SSTI exploitation playbook, but that stated purpose is itself an offensive security capability for AI agents. The skill materially enables exploitation, RCE, credential/file access, persistence, and chained loading of related exploit guidance, so it should be treated as high security risk even though it is not confirmed malware and contains no installer supply-chain behavior.