
AI Agent Skill Check is a free AI agent skill security scanner by Mondoo. We scan skills across ClawHub, Skills.sh, GitHub, Claude Marketplace, and SkillsMP to detect prompt injection, credential theft, data exfiltration, agent impersonation, and 28 threat types before they reach your agents.

© 2026 Mondoo, Inc.

Skills

Browse, search, and filter AI agent skills across all registries.

Credential Theft
Skill | AI Agents | Summary | Stars | Installs | Findings | Risk

skills/wrangler
cloudflare
GitHub, Skills.sh

The skill executes unpinned packages and performs unauthorized network and file operations while accessing sensitive environment variables without declaring necessary tool constraints or security permissions.

Stars: 1.9k | Installs: 24.0k | Findings: 5 | Risk: 40 Medium

mcp-use/mcp-apps-builder
mcp-use
GitHub, Skills.sh

The skill executes unpinned packages and accesses sensitive environment variables without defined tool constraints, creating significant supply chain risks and potential for unauthorized data exfiltration.

Stars: 10.1k | Installs: 15.4k | Findings: 10 | Risk: 40 Medium

claude-code/mcp-integration
anthropics
GitHub, Skills.sh

The skill poses a security risk by accessing sensitive environment variables and fails to adhere to naming and licensing standards.

Stars: 133.4k | Installs: 11.1k | Findings: 3 | Risk: 40 Medium

claude-code/plugin-structure
anthropics
GitHub, Skills.sh

The skill lacks a license, uses improper naming conventions, and poses a security risk by accessing sensitive environment variables without justification.

Stars: 133.4k | Installs: 9.6k | Findings: 3 | Risk: 40 Medium

mcp-use/mcp-builder
mcp-use
GitHub, Skills.sh

The skill lacks defined tool constraints, executes unpinned packages, and accesses sensitive environment variables, creating significant supply chain and data exfiltration risks.

Stars: 10.1k | Installs: 9.3k | Findings: 10 | Risk: 40 Medium

mcp-use/chatgpt-app-builder
mcp-use
GitHub, Skills.sh

This skill poses significant risks by executing unpinned packages, accessing sensitive environment variables, and performing unconstrained system operations while lacking transparency regarding its purpose and security controls.

Stars: 10.1k | Installs: 9.1k | Findings: 11 | Risk: 40 Medium

claude-plugins-official/mcp-integration
anthropics
GitHub, Skills.sh

The skill poses a security risk by accessing sensitive environment variables, potentially exposing credentials and configuration data to unauthorized processes.

Stars: 30.5k | Installs: 3.6k | Findings: 2 | Risk: 40 Medium

claude-plugins-official/plugin-structure
anthropics
GitHub, Skills.sh

The skill poses a security risk by accessing sensitive environment variables, potentially exposing critical system credentials and configuration data.

Stars: 30.5k | Installs: 3.5k | Findings: 2 | Risk: 40 Medium

skills/skill-scanner
getsentry
GitHub, Skills.sh

The skill attempts to access sensitive credential files and perform unauthorized file writes while actively bypassing mandatory human oversight protocols.

Stars: 804 | Installs: 1.8k | Findings: 4 | Risk: 100 Critical

agent-skills/aws-ami-builder
hashicorp
GitHub, Skills.sh

The skill poses a security risk by attempting to access sensitive credential file paths, potentially leading to unauthorized exposure of AWS access keys and environment secrets.

Stars: 677 | Installs: 1.5k | Findings: 2 | Risk: 100 Critical

antigravity-awesome-skills/gcp-cloud-run
sickn33
GitHub, Claude Code, Skills.sh

This skill executes arbitrary commands, exposes hardcoded credentials, lacks necessary security declarations for network and tool access, and contains vulnerabilities to supply chain and cross-site scripting attacks.

Stars: 41.2k | Installs: 1.2k | Findings: 10 | Risk: 100 Critical

agent-skills/claimable-postgres
neondatabase
GitHub, Skills.sh

The skill lacks defined tool constraints and network permissions while accessing sensitive environment variables, creating an unmonitored attack surface that risks unauthorized data exfiltration and system compromise.

Stars: 71 | Installs: 1.1k | Findings: 5 | Risk: 40 Medium

antigravity-awesome-skills/code-review-checklist
sickn33
GitHub, Claude Code, Skills.sh

The skill exhibits unauthorized access to sensitive environment variables, posing a significant risk of credential exfiltration and data exposure.

Stars: 41.2k | Installs: 999 | Findings: 5 | Risk: 40 Medium

knowledge-work-plugins/zoom-cobrowse-sdk
anthropics
GitHub, Skills.sh

The skill exposes hardcoded credentials, lacks necessary security declarations for network and tool access, and provides insecure implementation instructions while failing to include critical documentation files.

Stars: 21.4k | Installs: 983 | Findings: 12 | Risk: 100 Critical

awesome-copilot/arize-ai-provider-integration
github
GitHub, Skills.sh

This skill impersonates a reputable brand while containing unauthorized code patterns that access sensitive environment variables, posing a significant risk of credential exfiltration.

Stars: 35.3k | Installs: 921 | Findings: 3 | Risk: 40 Medium

awesome-copilot/arize-evaluator
github
GitHub, Skills.sh

The skill accesses sensitive environment variables and executes arbitrary commands without declaring allowed tools, creating an unconstrained and high-risk attack surface for potential system compromise.

Stars: 35.3k | Installs: 917 | Findings: 3 | Risk: 40 Medium

awesome-copilot/mcp-security-audit
github
GitHub, Skills.sh

This skill is malicious, containing a reverse shell and unauthorized environment access, while also suffering from critical vulnerabilities including arbitrary file read, command injection, and unpinned dependency execution.

Stars: 35.3k | Installs: 756 | Findings: 11 | Risk: 100 Critical

antigravity-awesome-skills/ethical-hacking-methodology
sickn33
GitHub, Claude Code, Skills.sh

This skill facilitates unauthorized access and system compromise by providing automated exploitation, credential brute-forcing, and persistence mechanisms while lacking necessary security constraints on its tool execution surface.

Stars: 41.2k | Installs: 669 | Findings: 11 | Risk: 100 Critical

agent-skills/auth0-express
auth0
GitHub, Skills.sh

The skill exposes sensitive environment variables and performs unauthorized network and file operations without declaring necessary tool permissions or providing required documentation.

Stars: 31 | Installs: 666 | Findings: 6 | Risk: 40 Medium

antigravity-awesome-skills/file-uploads
sickn33
GitHub, Claude Code, Skills.sh

This skill performs unauthorized file system traversal and credential access while deceptively misrepresenting its high-risk operations as safe in the manifest.

Stars: 41.2k | Installs: 657 | Findings: 6 | Risk: 100 Critical

antigravity-awesome-skills/kaizen
sickn33
GitHub, Claude Code, Skills.sh

The skill performs unauthorized network communication and accesses sensitive environment variables while bypassing security constraints by failing to declare its tool surface or capabilities.

Stars: 41.2k | Installs: 645 | Findings: 5 | Risk: 40 Medium

antigravity-awesome-skills/api-fuzzing-bug-bounty
sickn33
GitHub, Claude Code, Skills.sh

This skill lacks necessary security constraints, performs unauthorized network and file access, contains SQL injection vulnerabilities, and promotes the execution of unverified third-party code.

Stars: 41.2k | Installs: 533 | Findings: 9 | Risk: 100 Critical

antigravity-awesome-skills/ssh-penetration-testing
sickn33
GitHub, Claude Code, Skills.sh

This skill is a malicious toolkit that automates unauthorized persistent access, credential theft, and lateral movement through SSH key injection, brute-forcing, and reverse shell establishment.

Stars: 41.2k | Installs: 427 | Findings: 22 | Risk: 100 Critical

agent-skills/auth0-fastify-api
auth0
GitHub, Skills.sh

The skill lacks declared tool constraints while accessing sensitive environment variables and performing unauthorized network operations, posing a significant risk of data exfiltration and arbitrary command execution.

Stars: 31 | Installs: 425 | Findings: 3 | Risk: 40 Medium

antigravity-awesome-skills/linux-privilege-escalation
sickn33
GitHub, Claude Code, Skills.sh

This skill is a malicious exploitation toolkit that facilitates unauthorized privilege escalation, credential theft, and persistent backdoor installation via reverse shells and unverified remote code execution.

Stars: 41.2k | Installs: 416 | Findings: 25 | Risk: 100 Critical

antigravity-awesome-skills/firmware-analyst
sickn33
GitHub, Claude Code, Skills.sh

The skill performs unauthorized file system access and hidden network operations while bypassing security constraints by failing to declare its tool usage and capabilities.

Stars: 41.2k | Installs: 369 | Findings: 6 | Risk: 100 Critical

antigravity-awesome-skills/metasploit-framework
sickn33
GitHub, Claude Code, Skills.sh

This skill functions as a malicious toolkit that provides instructions for credential harvesting, keylogging, persistence, and bypassing security controls to facilitate unauthorized system exploitation and surveillance.

Stars: 41.2k | Installs: 369 | Findings: 11 | Risk: 100 Critical

antigravity-awesome-skills/privilege-escalation-methods
sickn33
GitHub, Claude Code, Skills.sh

This skill functions as a malicious offensive toolkit that instructs the agent to perform domain-wide credential theft, privilege escalation, and persistence while actively bypassing security and defensive controls.

Stars: 41.2k | Installs: 318 | Findings: 19 | Risk: 100 Critical

skills/agent-experience
browserbase
GitHub, Skills.sh

This skill impersonates a known brand while exfiltrating sensitive environment variables and credential files through unauthorized network connections.

Stars: 3.6k | Installs: 307 | Findings: 4 | Risk: 100 Critical

antigravity-awesome-skills/secrets-management
sickn33
GitHub, Claude Code, Skills.sh

This skill performs unauthorized persistent code execution via git hooks, exfiltrates sensitive environment variables, and bypasses security constraints by executing undocumented network and file system operations.

Stars: 41.2k | Installs: 263 | Findings: 7 | Risk: 70 High

antigravity-awesome-skills/posix-shell-pro
sickn33
GitHub, Claude Code, Skills.sh

This skill lacks defined tool constraints and attempts to access sensitive credential files, posing a significant risk of unauthorized data exfiltration and system compromise.

Stars: 41.2k | Installs: 255 | Findings: 11 | Risk: 100 Critical

design.md/typed-service-contracts
google-labs-code
GitHub, Skills.sh

The skill poses a significant security risk by attempting to access sensitive credential file paths, indicating potential unauthorized data exfiltration.

Stars: 16.0k | Installs: 251 | Findings: 2 | Risk: 100 Critical

jira-skill/jira-communication
netresearch
GitHub, Skills.sh

The skill requests excessive workspace-wide write permissions and insecurely mandates storing sensitive Jira credentials in predictable local files vulnerable to exfiltration by malicious processes.

Stars: 64 | Installs: 238 | Findings: 3 | Risk: 100 Critical

antigravity-awesome-skills/linux-shell-scripting
sickn33
GitHub, Claude Code, Skills.sh

This skill exhibits dangerous patterns including credential exposure, unauthorized system enumeration, and unconstrained command execution, creating significant risks for lateral movement, data exfiltration, and system compromise.

Stars: 41.2k | Installs: 191 | Findings: 9 | Risk: 100 Critical

varlock-claude-skill/varlock
wrsmith108
GitHub, Skills.sh

The skill executes unverified remote scripts via shell pipes and uses insecure exec directives to handle sensitive credentials, creating critical command injection and credential exfiltration vulnerabilities.

Stars: 25 | Installs: 185 | Findings: 12 | Risk: 100 Critical

prisma-next/prisma-next-migrations
prisma
GitHub, Skills.sh

The skill performs unauthorized access to sensitive environment variables and executes unconstrained system commands without declaring necessary tool permissions, posing a significant risk of data exfiltration and system compromise.

Stars: 381 | Installs: 182 | Findings: 3 | Risk: 40 Medium

prisma-next/prisma-next-contract
prisma
GitHub, Skills.sh

The skill uses keyword stuffing to hijack queries, accesses sensitive environment variables, and executes unconstrained system commands, posing a significant risk of data exfiltration and unauthorized system access.

Stars: 381 | Installs: 178 | Findings: 4 | Risk: 40 Medium

prisma-next/prisma-next-quickstart
prisma
GitHub, Skills.sh

The skill lacks defined tool constraints and improperly accesses sensitive environment variables, posing a significant risk of unauthorized data exfiltration and arbitrary command execution.

Stars: 381 | Installs: 175 | Findings: 4 | Risk: 40 Medium

antigravity-awesome-skills/shodan-reconnaissance
sickn33
GitHub, Claude Code, Skills.sh

This skill exposes hardcoded credentials and executes unconstrained network and system commands without declaring necessary permissions, creating significant risks for unauthorized data exfiltration and system compromise.

Stars: 41.2k | Installs: 141 | Findings: 7 | Risk: 40 Medium

antigravity-awesome-skills/burp-suite-testing
sickn33
GitHub, Claude Code, Skills.sh

This skill contains critical vulnerabilities, including unauthorized access to credential files, SQL injection patterns, and path traversal flaws, posing a severe risk of data exfiltration and system compromise.

Stars: 41.2k | Installs: 139 | Findings: 6 | Risk: 100 Critical

antigravity-awesome-skills/xss-html-injection
sickn33
GitHub, Claude Code, Skills.sh

This skill functions as a malicious attack toolkit, providing ready-to-deploy phishing, keylogging, and exfiltration payloads while bypassing security controls and operating without declared tool constraints.

Stars: 41.2k | Installs: 131 | Findings: 17 | Risk: 100 Critical

taches-cc-resources/create-mcp-servers
glittercowboy
GitHub, Skills.sh

This skill lacks defined tool constraints, performs unauthorized persistence, and exposes sensitive credentials by instructing users to store API keys in insecure shell configuration files.

Stars: 1.9k | Installs: 129 | Findings: 7 | Risk: 70 High

antigravity-awesome-skills/sqlmap-database-pentesting
sickn33
GitHub, Claude Code, Skills.sh

This skill facilitates malicious activity by enabling automated mass-exploitation, SSRF, and OS-level command execution under the guise of database penetration testing.

Stars: 41.2k | Installs: 124 | Findings: 13 | Risk: 100 Critical

antigravity-awesome-skills/devops-deploy
sickn33
GitHub, Claude Code, Skills.sh

The skill lacks defined security constraints, performs unauthorized network and environment access, and uses insecure dependency management, creating significant risks for supply chain and data exfiltration attacks.

Stars: 41.2k | Installs: 120 | Findings: 7 | Risk: 40 Medium

awesome-agent-skills/vscode-sftp-config
libukai
GitHub, Claude Code, Skills.sh

The skill performs unauthorized file system access and network operations while bypassing security constraints by failing to declare its tool surface and network capabilities.

Stars: 4.7k | Installs: 83 | Findings: 5 | Risk: 100 Critical

antigravity-awesome-skills/file-path-traversal
sickn33
GitHub, Claude Code, Skills.sh

This skill facilitates unauthorized access to sensitive system credentials and provides actionable instructions for exploitation while bypassing security constraints by executing undeclared network and file system operations.

Stars: 41.2k | Installs: 82 | Findings: 10 | Risk: 100 Critical

claude-plugins/security-scanner
hiroro-work
GitHub, Skills.sh

This skill masquerades as a security scanner but executes remote code, establishes reverse shells, and exfiltrates sensitive credentials from the host environment.

Stars: 45 | Installs: 75 | Findings: 11 | Risk: 100 Critical

antigravity-awesome-skills/odoo-rpc-api
sickn33
GitHub, Claude Code, Skills.sh

The skill contains hardcoded credentials and performs unauthorized network operations without declaring necessary tool permissions, creating significant risks for credential exposure and uncontrolled system access.

Stars: 41.2k | Installs: 72 | Findings: 5 | Risk: 100 Critical
Page 1 of 16