File Path Traversal Testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly requires producing "Exploitation Proof
• Extracted file contents" and guides reading sensitive files (e.g., /etc/shadow, wp-config.php, /proc/self/environ) which would force the LLM to handle and potentially output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content provides detailed, actionable exploitation techniques (path traversal payloads, log poisoning, php:// wrappers, and specific targets like /etc/shadow and private keys) that enable data exfiltration, credential theft, and remote code execution, and therefore represents a high-risk, potentially malicious capability.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to fetch and analyze arbitrary external web resources (e.g., curl "http://target.com/page?file=...", ffuf/wfuzz fuzzing against target URLs, and Burp Suite intruder on captured requests) so the agent will read and interpret untrusted third-party content from public websites/targets.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs active exploitation techniques (path traversal payloads, reading sensitive system files, log poisoning, PHP wrappers to achieve RCE) that enable reading and executing on privileged files and thus can be used to compromise or modify the host machine's state.