php-type-juggling

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit password payloads (magic strings) and curl commands that embed those values verbatim (e.g., the magic-password list and -d "password=..."), so an LLM following it would output secret/password values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is an explicit, step‑by‑step offensive guide for bypassing PHP authentication (magic-hash, type‑juggling, array/JSON tricks and ready-to-run curl payloads) that directly facilitates unauthorized access and is therefore high-risk for malicious abuse.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md explicitly instructs the agent to send HTTP requests (curl to $TARGET) and read/interpret responses (e.g., leaked MD5/SHA1 hashes and success/error messages) from arbitrary target web applications, which are untrusted third-party content that directly determines follow-up actions.