msf-oneshot

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples and interactive_session commands explicitly set plaintext usernames/passwords (e.g., set PASSWORD ..., HttpPassword, USERNAME) and would require the agent to insert those secret values verbatim into generated commands, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is an explicit, high-risk offensive playbook: it provides step‑by‑step Metasploit/ msfvenom exploits, reverse‑shell payload generation, handler setup, post‑exploitation commands (hashdump, getsystem, file upload/download), brute‑force scanners, and encoding/obfuscation advice—clearly enabling remote code execution, credential theft, persistence and data exfiltration.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). Yes — the prompt explicitly instructs running msfconsole/msfvenom, generating payload files, starting persistent handlers/interactive sessions (writing files, opening listeners, executing network/exploit commands), which directly modify the host filesystem and network state and enable compromising the machine.