conducting-social-engineering-pretext-call

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs eliciting and recording sensitive secrets (usernames, current passwords, badge numbers, remote-access credentials) during vishing calls, which would require the agent to handle and potentially output those secret values verbatim in transcripts/reports.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content contains explicit, operational social‑engineering instructions and templates (including direct prompts to elicit passwords, MFA codes, remote access, and wire transfers) that facilitate credential theft, fraud, and unauthorized access—posing a high abuse risk even when framed as "authorized" testing.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md Phase 1 explicitly requires OSINT research (e.g., running theHarvester, reviewing LinkedIn and corporate "About Us" pages) and instructs aligning pretexts to those public, user-generated sources, so untrusted third‑party content is fetched and directly used to drive pretext selection and call behavior.