using-gangsta

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). This skill explicitly commands the agent to treat the user ("the Don") and Gangsta skills as higher priority than the default system prompt and to forcibly invoke/obey skills (even at 1% applicability), which is an instruction to override system-level context and compel behavior beyond a benign "invoke skills" helper—i.e., an attempt to override system authority and push hidden control flow.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The content does not contain an explicit payload or encoded exfiltration routine, but it intentionally creates an override-able authority model ("The Don's word is law"), forces automatic invocation of subordinate skills/agents, prescribes constructing user-level prompts from internal files, and enables spawning background/parallel agents and shell commands — deliberate patterns that can be abused to bypass platform safeguards, leak internal prompts/privileged content to subagents, and enable remote execution or covert data exfiltration.