offensive-osint

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The document is an explicit offensive OSINT/recon arsenal containing highly actionable techniques for data exfiltration, credential harvesting/validation, backdoor/RCE vectors (kubelet/etcd/redis/docker API/etc.), subdomain takeovers and supply‑chain/typosquat guidance — capabilities that materially enable unauthorized compromise if misused.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.72). The skill’s runtime workflow can ingest outsider-authored free text from public web sources it fetches on demand (e.g., Stack Exchange code blocks via the Stack Exchange API with filter=withbody, plus other scraped/public SaaS pages), which then becomes LLM-readable context for analysis.