The Agent Skills Directory

[COMMAND_EXECUTION] (CRITICAL): The skill contains a vast library of commands for performing offensive network operations, including NTLM relay attacks, DCSync credential dumping, and exploitation of critical CVEs (ZeroLogon, PrintNightmare).
[DATA_EXFILTRATION] (CRITICAL): Explicit instructions and tool references (secretsdump.py, Mimikatz, lsadump) are provided for harvesting sensitive domain credentials, NT hashes, and Kerberos tickets.
[EXTERNAL_DOWNLOADS] (HIGH): The skill references and requires numerous third-party offensive tools (e.g., SharpHound.exe, Rubeus.exe, MalSCCM.exe, SharpWSUS.exe) from untrusted sources. Automated scans have already flagged secretsdump.py as a malicious URL.
[REMOTE_CODE_EXECUTION] (HIGH): Guidance includes the deployment of malicious payloads via SCCM/WSUS and the loading of attacker-hosted DLLs (e.g., \\attacker\share\evil.dll) through PrintNightmare exploitation.
[PERSISTENCE] (HIGH): Documentation explicitly describes methods to maintain access by creating backdoor user accounts via Group Policy Objects (GPOs) and WSUS updates.
[INDIRECT_PROMPT_INJECTION] (HIGH): This skill has a high-risk attack surface as it ingests untrusted data from network reconnaissance and interpolates it directly into high-privilege execution commands without boundary markers or sanitization.
Ingestion points: Network data, domain object properties, and user-provided credentials (SKILL.md, references/advanced-attacks.md).
Boundary markers: Absent. There are no delimiters or instructions to ignore embedded malicious content.
Capability inventory: Full system command execution via shell scripts, executable triggers, and network protocol manipulation across all files.
Sanitization: None detected. External content is used directly in string-interpolated commands.

Active Directory Attacks