hunt-csrf
Fail
Audited by Snyk on Jun 13, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt instructs capturing and replaying session cookies, CSRF tokens, and OAuth tokens (e.g., "Cookie: session=YOUR_SESSION", TOKEN_A, oauth_token_here) and embedding them verbatim into curl commands and PoC HTML, which requires handling secrets directly and risks exfiltration.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). The list contains an attacker-controlled git repo (https://attacker/manifest.git) plus internal/state-changing endpoints (Argo CD app API, GitLab GraphQL mutation, GHES setup path, etc.) that can be induced to fetch and execute external manifests or payloads (CSRF/remote-manifest abuse). Although many items are benign docs/advisories, the presence of those endpoints and the attacker-hosted repo makes this set a high-risk distribution vector.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The document is high-risk: it contains explicit, actionable exploitation techniques and ready-to-run PoC payloads for CSRF, OAuth/SAML RelayState abuse, session fixation, subdomain takeover, SignalR/WS bypasses and other chains that enable account takeover and unauthorized state changes.
Issues (3)
- W007 (HIGH): Insecure credential handling detected in skill instructions.
- E005 (CRITICAL): Suspicious download URL detected in skill instructions.
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.