gitlab-exploit

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is explicitly malicious: it contains ready-to-run exploit code and step-by-step instructions to perform unauthorized remote code execution, account takeover, and arbitrary file exfiltration against GitLab instances.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's provided exploit and scan scripts (e.g., in SKILL.md and references/cve-rce-exploits.md and references/cve-account-takeover.md) make HTTP requests to arbitrary target URLs (e.g., GET /users/sign_in, GET /help, POST /uploads/user) and parse untrusted HTML/response text/CSRF tokens, so third‑party content from those public sites is fetched and directly influences subsequent detection and exploitation actions.