zombie-brute

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and encourages embedding plaintext passwords directly into command lines (e.g., -p admin123, -p 'P@ssw0rd') and instructs using password files/credentials for brute‑forcing, which requires the LLM to handle or reproduce secret values verbatim.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). The URL points to a GitHub repository for a brute‑force tool ("zombie") maintained by an unverified/unknown account; such dual‑use tooling distributed via repos (possibly with binaries or install/run instructions) is high risk for malware or illegal misuse.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill explicitly instructs and facilitates multi-protocol brute-force attacks, credential spraying, and large-scale unauthorized access attempts, clearly enabling credential theft and system compromise.