http-smuggling-advanced

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is an explicit, step-by-step exploitation guide for HTTP request smuggling (including payloads, automation scripts and tooling) that instructs how to exfiltrate credentials/tokens, bypass ACLs, poison caches, escalate XSS and access internal/admin endpoints — clearly enabling deliberate malicious actions and data exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md explicitly instructs the agent/operator to run network probes and tools against arbitrary external targets (e.g., "python3 smuggler.py -u https://target.com", h2csmuggler usage, curl examples and OAST with burp-collaborator.net) which cause the agent/tooling to fetch and interpret untrusted public web responses that directly influence detection and next-action decisions.