default-cred-sweep

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes many plaintext username:password pairs and directs the agent to test and record them (e.g., using them in tests/commands and saving evidence), which requires emitting credentials verbatim and thus poses direct exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This document is explicit offensive guidance: it instructs default-credential brute-forcing and password spraying with lockout-evasion, credential reuse across services, deploying webshells/RCE via Tomcat, direct database access to read sensitive data/flags, and storing/exfiltrating discovered credentials—behaviors that enable unauthorized access, lateral movement, and data theft.