offensive-bluetooth-classic

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill is explicitly offensive and provides actionable, step-by-step instructions to discover and exploit Bluetooth Classic devices—covering service enumeration, SPP console access, BlueSnarf/FTP file access (data exfiltration), HID spoofing/keystroke injection (credential theft), audio eavesdropping, forcing weak pairing via KNOB and firmware patching (device compromise/persistent manipulation)—and therefore clearly enables deliberate malicious activity.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly instructs fetching and running public, user-hosted tools (e.g., "git clone https://github.com/seemoo-lab/internalblue", running Armis blueborne_scanner.py, and links to https://github.com/SnailSploit/offensive-checklist) — untrusted third-party content that the operator/agent would ingest and whose outputs can directly influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime commands that clone and run external repositories (e.g., git clone https://github.com/seemoo-lab/internalblue and git clone https://github.com/ArmisSecurity/blueborne followed by executing internalblue / python blueborne_scanner.py), which fetch and execute remote code the workflow depends on.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running privileged commands (sudo hciconfig, sudo hcitool, sudo rfcomm bind), creating device nodes, and even patching firmware (internalblue), which modify system state and require elevated privileges.