offensive-wps

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly guides recovering WPS PINs and WPA PSKs and shows/prints those secrets (PIN and plaintext PSK) in plaintext as part of command outputs, which requires the LLM to handle and potentially output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is high-risk: it is an explicit attacker methodology for gaining unauthorized access to SOHO Wi‑Fi networks (offline undetectable Pixie Dust PIN recovery that yields PSKs, online PIN brute-force with lockout/time‑of‑day evasion, reboot/social‑engineering PBC abuse, and vendor PIN derivation), i.e., direct credential theft and evasion techniques — it does not, however, include hidden backdoor implants, remote C2/exfiltration code, or obfuscated payloads.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running multiple sudo commands that change network interfaces and kill services (e.g., airmon-ng check kill, start monitor mode, reaver/bully with sudo), which require elevated privileges and modify the host machine's state, so it should be flagged.