ctf-flag-hunting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Insecure: the skill instructs reading credentials (config/.env) and then embedding them verbatim into commands (e.g., mysql -u -p), which requires the LLM to output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). High-risk: the content explicitly provides step-by-step instructions for abusing RCE/LFI/SQLi to steal credentials and environment variables, deploy webshells/persistent backdoors, escalate access and exfiltrate sensitive data.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). Yes — the skill explicitly instructs writing webshells, modifying logs/deploying files and running commands that alter filesystem and services (active exploitation), so it pushes the agent to change and compromise the machine state.