offensive-wpa-enterprise

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly captures credentials (challenge/response and cracked plaintext passwords) and shows/uses them verbatim in commands and tooling (e.g., asleap/hashcat inputs, nxc/bloodhound commands with -p 'Password123!'), requiring the agent to handle and output secrets directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is explicit, operational guidance for conducting evil‑twin RADIUS attacks, capturing and cracking credentials (MSCHAPv2/NetNTLM), stealing client certificates (DPAPI/NDES/AD CS abuse), and pivoting into Active Directory—deliberate instructions to steal credentials and compromise systems for unauthorized access.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running privileged tools (sudo tshark, airodump-ng, eaphammer) and actions that change network interfaces and create rogue services (evil-twin RADIUS/AP), which require and encourage modifying the host system state and escalating privileges.