security-testing

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content contains explicit, actionable instructions for credential theft (exfiltrating AWS IAM keys and SSM secrets), data exfiltration (DNS tunneling, remote uploads), creating remote-access/backdoor channels (injecting HTTPRoutes to expose internal services, log injection, exploiting WAF fail-open), and supply-chain compromise (pushing malicious OCI artifacts to auto-deploy), and therefore poses a clear high-risk malicious-abuse potential.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs state-changing and adversarial actions (creating pods and HTTPRoutes, labeling namespaces to disable enforcement, querying/exfiltrating secrets, and performing privilege escalation/WAF bypasses), which directly compromise the target environment.