cloud-containers

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is an explicit offensive playbook with step‑by‑step instructions for credential theft, data exfiltration, remote code execution, privilege escalation, container/host escape, and persistence (e.g., uploading shells, abusing metadata services, kubelet exec→hostPath mounts, Docker socket abuse, Lambda/code update, MinIO/LocalStack exploitation), enabling unauthorized compromise of systems and clusters.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's reference and workflow explicitly instruct fetching and parsing content from open/public sources (e.g., reference/cloud-security.md shows aws s3 cp --no-sign-request and curl on public S3/GCS buckets, gsutil/gsutil ls, and arbitrary HTTP endpoints) and uses that untrusted, user-generated content to drive follow-up actions (credentials extraction, privilege escalation and payload selection), creating a clear path for indirect prompt injection.