tracking-threat-actor-infrastructure

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and expects API keys to be passed directly into client constructors and request headers/auth (e.g., Shodan.Shodan("YOUR_SHODAN_API_KEY"), headers={"APIKEY": api_key}, auth=(user, api_key)), which would require the LLM or agent to handle and potentially emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). This skill explicitly fetches and parses data from public third‑party sources (Shodan, SecurityTrails/PassiveTotal, crt.sh, VirusTotal, RDAP) as shown in SKILL.md and implemented in scripts/agent.py and scripts/process.py, and it uses those untrusted results to pivot, generate findings, and drive follow‑on actions, so external content can materially influence agent behavior.