xxe-injection-methodology

Fail

Audited by Socket on Apr 22, 2026

3 alerts found:

Anomaly, Security, Malware

Anomaly: LOW
evals/evals.json

No malware execution or data exfiltration behavior exists in the provided fragment because it contains only static evaluation/prompt configuration. However, the content is explicitly designed to facilitate XXE exploitation and blind data exfiltration techniques (including external DTD/parameter entity guidance and Content-Type/format probing). From a supply-chain perspective, shipping this artifact is high misuse-risk if it is used to generate or automate attacks, even though the snippet itself is not a runnable payload.

Confidence: 78%
Severity: 62%

Security: MEDIUM
SKILL.md

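The actual purpose of this skill is to have an AI agent perform XXE vulnerability probing and exploitation, including file reading, SSRF, and blind out-of-band data exfiltration, which amounts to granting a high-risk offensive and defensive capability. Although no suspicious installation source or credential-theft flow was observed, its capability scope is indeed consistent with the exploit category, and overall it should be judged high-risk rather than an ordinary benign skill.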

Confidence: 95%
Severity: 91%

Malware: HIGH
references/xxe-exploitation.md

This document is a clear, actionable XXE attack guide. It instructs how to read local files, obtain source code via php://filter, and perform blind exfiltration using external DTDs. It targets common parsers and document formats (SOAP, SVG, DOCX) and includes bypass techniques for filters. Treat this as malicious/instructional content and consider it high-risk: any XML parser that allows external entity processing and external DTD retrieval is vulnerable. Remediation: disable external entity expansion and external DTD loading, use safe XML parsing libraries or settings (e.g., disable DOCTYPE, disable network access for DTDs), validate/transform untrusted uploads, and apply least privilege to file access on servers.

Confidence: 90%
Severity: 95%

Audit Metadata

Analyzed At: Apr 22, 2026, 10:11 AM
Package URL: pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fxxe-injection-methodology%2F@64813a488209680d53e536fcb839cca7a6aaae2e