SKILL.md Prompt Injection - ATR-2026-00120 (2b7e19fd-6a1a-563d-975d-eab1ebbcbb3a)
Detects prompt injection patterns embedded in SKILL.md files. 91% of confirmed malicious skills combine prompt injection with malware delivery (Snyk ToxicSkills, Feb 2026). Patterns include: system message impersonation, DAN-style jailbreaks, instruction override, and safety disablement. The convergence attack flow uses prompt injection first to disable safety warnings, then delivers malicious payloads. Real campaign: ClawHavoc (1,184 skills) used injection to bypass agent safety before credential exfiltration.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| ML Supply Chain Compromise (d2cf31e0-a550-4fe0-8fdb-8941b3ac00d9) | MITRE ATLAS Attack Pattern | SKILL.md Prompt Injection - ATR-2026-00120 (2b7e19fd-6a1a-563d-975d-eab1ebbcbb3a) | Agent Threat Rules | 1 |