hunt-open-redirect

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). These URLs are highly suspicious—not direct download links but a collection of open-redirect, URL-obfuscation, at-sign/subdomain tricks and proxy/fetch patterns (including access to 169.254.169.254) commonly used to steal OAuth tokens, perform SSRF, phish users or redirect to malicious downloads.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This document is an offensive playbook that explicitly instructs how to find and exploit open redirects — including OAuth redirect_uri tampering to steal authorization codes (ATO), phishing, SSRF escalation, and automated scanning — indicating clear malicious/exploitative intent.

Issues (2)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Jun 13, 2026, 04:06 PM
Issues: 2