hunt-cicd

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs reading secrets (e.g., GITHUB_TOKEN, Jenkins secret.key/credentials.xml, API tokens) and exfiltrating them by including their verbatim values in commands or HTTP requests (e.g., printenv|cat and curl to collaborator endpoints), which requires the LLM to handle/output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This document is a high-risk offensive playbook that gives explicit, reproducible instructions to achieve credential theft, secret exfiltration, remote code execution, and persistence across CI/CD systems (Jenkins, GitHub Actions, GitLab, Terraform), i.e. deliberate malicious guidance for abuse.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The guide explicitly instructs downloading and then executing the Jenkins CLI JAR from the target (e.g., https://$TARGET/jnlpJars/jenkins-cli.jar followed by java -jar jenkins-cli.jar), which is a runtime fetch of remote code that is executed locally.