authentication

Fail

Audited by Snyk on May 11, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.95). This content includes numerous explicit exploit proof‑of‑concepts and runnable tools (NTLM hash capture listener, OAuth token stealer, response interception/modification for 2FA/CAPTCHA bypass, OTP extraction/brute‑force scripts, JWT/JKU/x5c forging and kid traversal attacks, SSRF to cloud metadata, etc.) that are clearly usable to steal credentials, exfiltrate tokens, and achieve remote account/system compromise — high potential for malicious abuse.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's 2FA bypass documentation (reference/2FA_BYPASS.md) includes runtime code to fetch and parse untrusted, user-generated third-party content (e.g., IMAP access to imap.gmail.com and Guerrilla Mail API calls) and explicitly uses extracted OTPs from those emails to drive subsequent authentication actions, so third-party content is ingested and can materially influence tool behavior.

Issues (2)

CRITICAL E006: Malicious code pattern detected in skill scripts.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: CRITICAL
Analyzed: May 11, 2026, 07:45 AM
Issues: 2