php-exploit-chain

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.95). This document is a high-risk, dual‑use offensive playbook: it contains explicit, actionable exploit-chain instructions (file-write→include RCE, SQLi→OUTFILE webshells, deserialization gadget chains, SSRF to internal services, and token forgery via leaked keys) that directly enable remote code execution, webshell deployment, data exfiltration and internal service compromise.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly requires parsing composer.lock and comparing dependency versions against public Packagist Security Advisories and CVE databases (NVD/GitHub Advisory), meaning the agent will fetch and interpret untrusted third-party advisory content that can materially influence chain-assembly decisions.