langflow-exploit

Fail

Audited by Socket on Apr 22, 2026

2 alerts found:

Malware x2
Malware HIGH
SKILL.md

MALICIOUS. This skill’s stated purpose is to exploit LangFlow instances using unauthorized access, brute force, and code injection to achieve RCE. Its capabilities are fundamentally offensive, disproportionate, and incompatible with a benign AI agent skill, even though dependency installation itself is low-risk and goes directly to official endpoints.

Confidence: 98% Severity: 99%

Malware HIGH
references/exploit-details.md

This fragment documents highly malicious exploit tooling for LangFlow: it describes unauthorized JWT acquisition or default/weak credential brute forcing, creating public flows, and triggering server-side code execution via the build endpoint using injected component code. It further includes command execution output exfiltration and optional reverse shell callbacks. While the actual Python source is not provided here, the described end-to-end behavior is explicitly exploit/RCE-focused and would represent a severe supply-chain security risk if present in a package.

Confidence: 70% Severity: 88%

Audit Metadata

Analyzed At: Apr 22, 2026, 08:00 AM
Package URL: pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Flangflow-exploit%2F@93e79d84a097b89d5aa4045a0ce4cecc5d3f7921