hashcat-crack

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that embed plaintext credentials on the command line (e.g., domain/user:pass) and instructs workflows that produce and handle cracked plaintext passwords, which can require the agent to include secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is a step-by-step offensive guide for obtaining and cracking stolen authentication material (NTLM/NetNTLMv2/Kerberos/AS-REP/etc.) using tools like secretsdump/Responder/GetUserSPNs and hashcat, clearly facilitating credential theft and account takeover.