cot-injection

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This document is an explicit, high-risk attack methodology for CoT/ReAct prompt injection—detailing techniques to spoof intermediate tool outputs, bypass verification to trigger sensitive actions (refunds/transfers/data export), inject queries to exfiltrate data (including passwords), poison RAG corpora, and use encoding/obfuscation to evade detection—clearly intended for malicious abuse.