active-directory-attacks

This skill is explicitly an offensive Active Directory attack playbook. It contains clear, actionable instructions to harvest credentials, perform privilege-escalation and domain compromise (DCSync, Kerberoasting, Golden/Silver Tickets, NTLM relays, CVE exploitation), and to run unverified binaries and exploit scripts. Its capabilities, required inputs, and data flows are coherent for malicious or dual-use red-team operations but are inappropriate for general-purpose or trusted agent skills. The content enables credential harvesting, lateral movement, remote code execution, and exfiltration. Treat this skill as high-risk: it should not be present in public agent skill registries without strict access controls, authorization gating, provenance checks, and use-case validation. If found in an agent with execution privileges, immediate removal and audit are warranted.