offensive-evil-twin

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes configuration and command examples that embed plaintext secrets (e.g., wpa_passphrase=KnownPSK and placeholders for BSSIDs/credentials), which would require the model to insert secret values verbatim into outputs, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is an explicit operational guide for deploying rogue Wi‑Fi access points (evil twin/KARMA/Mana), coercing clients (deauth), conducting captive-portal phishing and post-association MITM (DNS/ARP/TLS interception), harvesting credentials and sessions, and delivering payloads—demonstrating clear, intentional malicious behavior and high risk for data theft, remote compromise, and evasion of defenses.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the SKILL.md explicitly instructs running post-association MITM tools (mitmproxy, bettercap) and to "mirror the legitimate captive portal's HTML/CSS exactly" (SKILL.md Captive Portal / Post-Association MITM sections), which requires fetching and interpreting arbitrary third-party web pages and client traffic as part of the attack workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running privileged system commands (sudo hostapd-mana/hostapd, dnsmasq, iptables, aireplay-ng, bettercap/mitmproxy, etc.) and changing network/firewall configuration and services, which modify the machine's state and require elevated privileges.