First Seen: Feb 18, 2026
Last Scanned: Feb 22, 2026
Findings: 4
Score: 76/100
Findings (4)
Detects instructions to decode and execute base64 content
decode(serializedTransaction
Remove text that simulates multi-turn conversations or fake user/assistant message pairs. These patterns attempt to manipulate the agent by fabricating conversation history.
Likely FP if the matched text is documentation showing example conversations or API request/response formats for illustration purposes.
Detects instructions to decode and execute base64 content
decode(serializedTransaction
Remove text that simulates multi-turn conversations or fake user/assistant message pairs. These patterns attempt to manipulate the agent by fabricating conversation history.
Likely FP if the matched text is documentation showing example conversations or API request/response formats for illustration purposes.
Detects instructions to decode and execute base64 content
decode(serializedTransaction
Remove text that simulates multi-turn conversations or fake user/assistant message pairs. These patterns attempt to manipulate the agent by fabricating conversation history.
Likely FP if the matched text is documentation showing example conversations or API request/response formats for illustration purposes.
Detects pip install of arbitrary packages that modify the host environment
pip install so
Pin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.
Likely FP if the match is in documentation showing how to install the skill's own PyPI package.