hunt-misc

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs capturing and reusing session cookies, PATs, and API tokens and shows curl examples that embed them verbatim in Authorization/Cookie/PRIVATE-TOKEN headers, which requires the agent to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The document is a high-risk attack playbook: it contains explicit, reproducible exploitation steps (SSRF/token exfiltration, SAML signature-wrapping, invitation/token abuse, CRLF header injection/cache poisoning, OAuth/subdomain takeover, dependency confusion, and pre-receive/hook environment abuse) that enable data exfiltration, privilege escalation, account takeover, and supply-chain compromise.