fscan-scan

Fail

Audited by Snyk on Apr 22, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes numerous examples that embed plaintext passwords, NTLM hashes, and other credentials directly into command-line arguments (e.g., -pwd 'P@ssw0rd', -hash aad3b435...:xxxxx), which requires the LLM to handle or reproduce secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content explicitly documents and instructs on offensive, unauthorized actions—network-wide scanning, automated weak‑password brute forcing, exploit POCs and automated exploitation (MS17‑010), credential reuse/pass‑the‑hash, writing SSH keys and scheduled tasks via Redis, remote command execution and reverse shells—indicating deliberate malicious intent and high abuse potential.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 22, 2026, 10:08 AM
Issues: 2