Recon

Fail

Audited by Snyk on Mar 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This skill package contains explicit, actionable offensive workflows and orchestration (detailed exploit playbooks, Gemini-driven attack planning, Metasploit/Impacket/Mimikatz guidance), plus scripts that automate internet‑scale scanning, secret harvesting (JS secret regexes), credential collection and pivoting (NTDS.dit extraction, webshells, FastCGI RCE), which together enable credential theft, data exfiltration and full system compromise — therefore it is a high-risk malicious toolset if misused.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's workflows (e.g., DomainRecon.md, BountyPrograms.md, IpRecon.md and AnalyzeScanResultsGemini3.md in SKILL.md) explicitly fetch and ingest public third‑party data (crt.sh certificate transparency queries, IPInfo API, ProjectDiscovery/GitHub bounty lists, HackerOne/Bugcrowd results, and arbitrary scan files via cat $SCAN_FILE) and then feed that untrusted content into analysis prompts and decision-making (the Gemini 3 Pro analysis step), so external user-generated/public web content can directly influence tool use and next actions.

Issues (2)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: CRITICAL
Analyzed: Mar 16, 2026, 09:52 AM
Issues: 2