java-deserialization-methodology
Fail
Audited by Snyk on Apr 22, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit secret-like value (the Shiro default rememberMe key "kPH+bIxk5D2deZiIxcaaaA==") and instructs using it in exploitation payloads, which would require the agent to include that secret verbatim in generated payloads/commands.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This content is explicitly malicious: it provides step‑by‑step exploitation techniques (ysoserial gadget chains, JNDI/LDAP/RMI injection, Shiro rememberMe default key, Log4j JNDI payloads), attacker-controlled service commands, base64/serialized payload examples and exfiltration commands (e.g., cat /flag.txt), enabling remote code execution, data exfiltration and backdoor-style access.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) explicitly instructs using URLDNS with an external DNS logging service (e.g., UNIQUE_ID.dnslog.cn) and to inspect untrusted target responses/error stack traces (e.g., Fastjson/JNDI error messages) to confirm vulnerabilities and choose payloads, so the agent ingests and acts on third‑party content that can influence subsequent actions.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). Flagged the Shiro default rememberMe key "kPH+bIxk5D2deZiIxcaaaA==" — this is a high-entropy, Base64-encoded symmetric key that can be used to forge/decrypt Shiro rememberMe cookies and thus is a real, usable credential when present in documentation or code.
Ignored items and why:
- "\xac\xed\x00\x05", "aced0005", "rO0AB", "H4sIAAAA": magic bytes / encoding signatures, not credentials.
- "rememberMe=deleteMe": low-entropy example/setup value — treated as a placeholder.
- Port numbers, references, and other strings are documentation artifacts, not secrets.
Therefore a real secret is present (the Shiro default key).
Issues (4)
- HIGH W007: Insecure credential handling detected in skill instructions.
- CRITICAL E006: Malicious code pattern detected in skill scripts.
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
Audit Metadata