JWT Security Testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs cracking and printing JWT secrets, generating and outputting forged tokens and secret values (e.g., printing found secrets, embedding "known_secret" and tokens in code/commands), which requires the LLM to handle and output secret values verbatim, creating high exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content contains detailed, actionable instructions for exploiting JWT implementations—including secret brute-forcing, algorithm confusion, JWK/KID injection, and claim tampering—that enable credential theft and unauthorized access.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests untrusted external content — for example it instructs fetching a target's JWKS via "curl -s http://target.com/.well-known/jwks.json", cloning a public GitHub repo, and decoding/operating on arbitrary JWTs from external sources — so the agent would read and interpret third-party data as part of its workflow.