SMTP Penetration Testing

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The content contains explicit, actionable instructions for user enumeration, credential brute-forcing, open-relay exploitation, and header/email spoofing that can be readily abused for credential theft, spam/phishing, and unauthorized data exfiltration, though it is framed as authorized penetration testing and does not include obfuscated backdoors or remote-code-execution payloads.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to connect to arbitrary external SMTP servers and public DNS records (e.g., telnet/nc/EHLO banner grabbing, VRFY/EXPN/RCPT responses, smtp-user-enum outputs, and dig TXT lookups against target.com) and to parse those untrusted, user-controlled responses as part of its workflow, which could carry maliciously crafted content.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs installing system packages with "sudo apt-get install" (and running tools like Metasploit/hydra), which directs the agent to perform privileged system modifications and thus compromise the machine's state.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 02:18 AM