gradio-exploit

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is a purpose-built exploit toolkit providing ready-to-run scripts, templates, and step-by-step instructions to perform unauthorized LFI/SSRF attacks against Gradio servers—enabling direct data exfiltration (local files like /etc/passwd, /etc/shadow, SSH keys, process env), cloud metadata theft, internal network probing, and automated exploitation—constituting deliberate malicious activity.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's exploit workflows (e.g., references/cve-2024-47167-lfi.md and references/ssrf-exploits.md) send requests to arbitrary TARGET hosts (POST /component_server and POST /queue/join) and then read and act on the returned /file= responses and content, thus ingesting untrusted third‑party web content that directly controls follow-on actions.