prompt-leak

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and outputting system prompts (via direct requests, formatted outputs, translation/summarization, etc.), which can contain API keys/credentials, so it encourages the model to reveal secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is a high-risk, intentionally offensive playbook that instructs how to extract LLM system prompts, discover hidden tools/endpoints, and retrieve API keys or internal URLs (via direct prompting, reflection, side‑channels and error‑induction), enabling unauthorized data exfiltration, credential theft, and follow-on exploitation (SSRF/reconnaissance) rather than benign research guidance.