hugegraph-exploit

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill is an explicit exploit toolkit providing step‑by‑step payloads, automation, and templates to achieve unauthorised access — including RCE via Java reflection, reverse shells, OOB data exfiltration, and a hardcoded JWT auth bypass — clearly intended to facilitate system compromise and data theft.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and referenced docs (references/cve-2024-27348-gremlin-rce.md and references/cve-2024-43441-auth-bypass.md) instruct the agent to fetch and parse HTTP responses from arbitrary targets (e.g., GET /graphs, POST /gremlin, arbitrary TARGET URLs in the provided curl/Python scripts), so untrusted third-party responses directly influence detection and subsequent exploit actions.