HTML Injection Testing

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content provides explicit, actionable HTML injection payloads and techniques that enable data exfiltration and credential theft (phishing forms, remote form actions, cookie leakage, external tracking), and thus poses a high risk of misuse.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill directs the agent to fetch and analyze open/public web content (e.g., curl commands, Burp/OWASP ZAP spidering, and a Python fuzzing script that uses requests.get against arbitrary target URLs like http://target.com/search?q=...), so the agent would read untrusted third-party/user-generated content as part of its workflow.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 01:58 AM