performing-iot-security-assessment

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting hardcoded credentials, password hashes, and plaintext WiFi credentials from firmware and network captures and includes them verbatim in findings (example: "camera123"), which requires the LLM to handle and output secret values directly.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). Yes — a direct HTTP link to a .sh script on an untrusted domain (attacker.com) is a classic malware distribution vector (e.g., wget … | sh) and therefore highly suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill both in SKILL.md and scripts/agent.py explicitly fetches and ingests public third‑party content (e.g., "Download from manufacturer website" and "FCC ID lookup" in the workflow, intercept device‑to‑cloud communications, and agent.py's check_mqtt which subscribes to '#' and analyze_firmware which processes downloaded firmware), so untrusted/public content is read and used to drive subsequent testing actions.