Recon

Fail

Audited by Snyk on Jun 30, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill contains explicit, actionable offensive guidance (exploit chains, RCE/webshell upload, NTDS.dit/Mimikatz credential theft, lateral movement and persistence), automated scanning/attack orchestration, and a mandatory silent notification step — all of which present a high dual‑use/abuse risk if misused.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). The required runtime workflow for this skill ingests outsider-authored free text via public web content fetched at runtime (e.g., PassiveRecon/DomainRecon call crt.sh and ipinfo.io and parse their JSON/text responses into the LLM prompt context).

Issues (2)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 30, 2026, 03:34 PM
Issues
2
Security Audit — snyk — Recon