performing-red-team-phishing-with-gophish

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows embedding API keys in command-line arguments and code (e.g., --api-key and api = Gophish("api_key", ...)), which requires the agent to include secret values verbatim in generated commands/code, creating exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This code is explicitly an automation tool for phishing campaigns: it creates landing pages with capture_credentials=True, configures SMTP sending profiles, imports target lists, launches campaigns, and collects campaign results (including submitted credentials) — functionality that directly enables credential theft and mass phishing; there are no signs of hidden backdoors, obfuscated payloads, remote code execution primitives, or covert exfiltration to unknown endpoints, but the intended abuse (phishing/credential harvesting/sending unsolicited emails) is clear.