SQLMap Database Penetration Testing

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content provides explicit, actionable instructions for automated SQL injection exploitation including database/table/column enumeration, dumping credentials and hashes, remote OS command execution, and file upload/read (and even guidance for discovering targets), which directly enable data exfiltration, credential theft, and remote compromise if used without authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow instructs running sqlmap against arbitrary public URLs and feeds (e.g., the -u target URL, -m bulk file of URLs, -r request files, -l log files, and the -g Google dork option), which requires fetching and interpreting untrusted third-party web content and search results as part of the exploitation process.