External Network Penetration Testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes many examples that embed API keys and plaintext passwords directly in commands (e.g., curl with api_key, password-spray commands with literal passwords), which encourages or requires the agent to place secret values verbatim into generated commands or outputs.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content contains detailed, actionable instructions for credential theft (password spraying, repo secret harvesting), active exploitation (RCE, Metasploit), and data access/exfiltration (S3 listings, git-dumper, .git retrieval), which are high-risk capabilities that can be used maliciously if executed without explicit authorization.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and parse open web and user-generated sources (e.g., crt.sh via curl, Wayback/waybackurls, Pastebin monitoring, Shodan/Censys searches, LinkedIn enumeration, SecurityTrails/DNSdumpster) as part of its OSINT and passive reconnaissance workflow, exposing it to untrusted third‑party content that could carry indirect prompt injection.