ghost-bits-cast-attack

High-risk offensive security skill. Its behavior is internally consistent with its stated purpose, but that purpose is to help an AI agent conduct exploitation and WAF-bypass attacks against Java services, including RCE-adjacent chains and real-world protocol abuse. No strong malware or exfiltration signal is present, but the skill materially increases attack capability and should be treated as dangerous.

This fragment is highly weaponized offensive material. It provides deterministic Unicode low-byte substitution generators and ready-to-use network request templates (Python/Yaklang/curl/raw HTTP) aimed at bypassing WAF/IDS normalization and shaping reconstructed backend tokens into exploitation-oriented patterns (e.g., traversal/CRLF/header injection and upload/webshell-style delivery). Its structure and examples strongly indicate malicious use rather than benign security tooling. Recommend rejection/removal and treat as active threat content if encountered in a dependency.