offensive-lorawan-sub-ghz

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs extracting and using cryptographic keys (AppKey, NwkSKey, AppSKey) and shows commands that pass them as CLI arguments (e.g., --nwkskey ), which requires the LLM to include secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill contains explicit, operational instructions for capturing keys, decrypting/join manipulation, replaying signals, injecting downlinks, and exploiting known cryptographic weaknesses (KeeLoq, fixed-code remotes, TPMS), i.e., clear, deliberate guidance to gain unauthorized access and control of wireless/IoT systems with high abuse potential.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs fetching and using public third‑party resources (e.g., "git clone https://github.com/Lora-net/LoRaMac-node", "git clone https://github.com/IoTsec/loraserver-attack-tools", and "Source: https://github.com/SnailSploit/offensive-checklist/blob/main/wireless.md"), which are untrusted user‑generated web content the workflow expects the agent to ingest/use and which could materially influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs users to run "git clone https://github.com/IoTsec/loraserver-attack-tools" followed by "python lora_inject.py", which is high-confidence evidence that remote code is fetched at runtime and then executed (https://github.com/IoTsec/loraserver-attack-tools).