offensive-zigbee-thread-matter

Result: Fail

Audited by Snyk on May 8, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly includes and instructs use of plaintext secret keys (the Touchlink transport key "0x9F559A553B7A6B2C5C4FBB4E84956F3D" and the default trust center key "ZigBeeAlliance09") and directs embedding them in attack commands, which requires the LLM to handle and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content is explicit offensive-security research guidance that enables deliberate malicious actions: credential theft (Zigbee network keys, the Thread commissioner PSKc), unauthorized device takeover (Touchlink using the well-known key, ZCL commands that unlock doors), replay and injection attacks, and remote disruption. Taken together it is a direct, high-risk abuse blueprint.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill performs a runtime git clone of https://github.com/IoTsec/Z3sec and then executes a script from that checkout (python z3sec_inter_pan.py). The code the skill relies on is therefore fetched from the remote at run time, without a pinned commit or checksum, and cannot be verified before it runs; that constitutes a high-risk runtime external dependency.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). The hex string 0x9F559A553B7A6B2C5C4FBB4E84956F3D is a high-entropy 128-bit literal that the skill presents as the Touchlink commissioning transport key. It appears verbatim in the skill content, and the skill instructs its use as a credential that can grant commissioning access to many consumer Zigbee devices. It is therefore a hardcoded secret and is flagged.

Ignored items / rationale:

  • "ZigBeeAlliance09" (mentioned as the older default trust-center link key) is a published, widely shared default value rather than a secret; it is treated as a low-security default credential and ignored per guidance.
  • Documentation placeholders in the command examples, repository URLs, and sample passwords described as examples are placeholders or low-entropy illustrations and are ignored.
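The two decisions above (flag the high-entropy 128-bit literal but not the published default, and flag a runtime git clone that is not pinned to a verifiable commit) can be reproduced with a small linter. The code below is an added example, not Snyk's scanner and not part of the audited skill; the regexes, the 3.0 bits-per-digit entropy threshold, the KNOWN_DEFAULTS allowlist and the 40-character placeholder commit hash are this example's own assumptions, and the sample skill text is constructed from the quotations in this audit.

```python
"""Added example: lint agent-skill text for W008 (hardcoded secret vs. known
default) and W012 (runtime git clone of an unpinned dependency)."""
from __future__ import annotations

import math
import re
from collections import Counter
from dataclasses import dataclass

# 32 hex digits = a 128-bit value such as a Zigbee network, link or transport key.
HEX_KEY_RE = re.compile(r"\b(?:0x)?([0-9A-Fa-f]{32})\b")
GIT_CLONE_RE = re.compile(r"git\s+clone\s+(https?://\S+|git@\S+)")
# A clone counts as pinned only if the same text later checks out a full 40-hex commit.
PINNED_CHECKOUT_RE = re.compile(r"git\s+(?:-C\s+\S+\s+)?checkout\s+([0-9a-f]{40})\b")
ENTROPY_THRESHOLD = 3.0  # bits per hex digit (assumption); a random key scores close to 4.0

# Published defaults are not secrets. The audit ignores "ZigBeeAlliance09";
# its raw hex encoding is what a 128-bit hex regex would otherwise catch.
KNOWN_DEFAULTS = {"ZigBeeAlliance09".encode().hex().upper()}


@dataclass(frozen=True)
class Finding:
    rule: str       # "W008" (secret) or "W012" (unverifiable runtime dependency)
    severity: str
    value: str
    reason: str


def shannon_entropy(token: str) -> float:
    """Bits of entropy per character of `token` (0.0 for a repeated character)."""
    counts = Counter(token.upper())
    n = len(token)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_secrets(text: str) -> tuple[list[Finding], list[str]]:
    """Return (findings, ignored): 128-bit hex literals that look like keys,
    with known defaults reported separately instead of flagged."""
    findings: list[Finding] = []
    ignored: list[str] = []
    for m in HEX_KEY_RE.finditer(text):
        token = m.group(1).upper()
        if token in KNOWN_DEFAULTS:
            ignored.append(token)
            continue
        h = shannon_entropy(token)
        if h >= ENTROPY_THRESHOLD:
            findings.append(Finding("W008", "HIGH", token,
                                    f"128-bit hex literal, {h:.2f} bits/digit entropy"))
    return findings, ignored


def scan_runtime_deps(text: str) -> list[Finding]:
    """Flag every `git clone` in the text unless a full-commit checkout follows."""
    pinned = bool(PINNED_CHECKOUT_RE.search(text))
    return [
        Finding("W012", "MEDIUM", m.group(1),
                "runtime git clone without a pinned commit; executed code is unverifiable")
        for m in GIT_CLONE_RE.finditer(text)
        if not pinned
    ]


def lint_skill(text: str) -> list[Finding]:
    secrets, _ignored = scan_secrets(text)
    return secrets + scan_runtime_deps(text)


# Constructed sample modelled on the audit's quotations (not the real skill file).
UNPINNED_SKILL = """\
Use the Touchlink transport key 0x9F559A553B7A6B2C5C4FBB4E84956F3D.
The legacy trust-center key 5A6967426565416C6C69616E63653039 is the published default.
git clone https://github.com/IoTsec/Z3sec
python z3sec_inter_pan.py
"""

# Same text with the dependency pinned to a placeholder hash (not a real Z3sec commit).
PINNED_SKILL = UNPINNED_SKILL.replace(
    "git clone https://github.com/IoTsec/Z3sec\n",
    "git clone https://github.com/IoTsec/Z3sec\n"
    "git -C Z3sec checkout 0123456789abcdef0123456789abcdef01234567\n",
)

if __name__ == "__main__":
    for label, text in (("unpinned", UNPINNED_SKILL), ("pinned", PINNED_SKILL)):
        print(f"== {label} ==")
        for f in lint_skill(text):
            print(f"{f.rule} {f.severity}: {f.value} ({f.reason})")
```

Running it on the unpinned sample yields one W008 finding for the transport key and one W012 finding for the clone URL, while the hex form of ZigBeeAlliance09 lands in the ignored list; pinning the checkout removes the W012 finding but not the secret. Note that entropy alone does not separate the two hex strings (the encoded default also scores above 3.0 bits per digit), which is why an explicit allowlist of published defaults is needed.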

Issues (4)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W008 (HIGH): Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata

Risk Level: CRITICAL
Analyzed: May 8, 2026, 03:34 AM
Issues: 4
Security Audit — snyk — offensive-zigbee-thread-matter