ldap-injection-testing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill provides ready-to-use bash commands (
ldapsearch) for performing network-based LDAP queries against external targets, enabling exploitation of LDAP services. - [DATA_EXFILTRATION] (HIGH): Contains specific injection payloads designed to extract sensitive user attributes, including password hashes, emails, and phone numbers from LDAP directories.
- [REMOTE_CODE_EXECUTION] (HIGH): Methodology includes logic for authentication bypass and privilege escalation on target systems through malicious query construction, posing a high risk to external targets.
- [PROMPT_INJECTION] (HIGH): The skill creates a high-risk surface for indirect prompt injection by design. Evidence: 1. Ingestion point: LDAP search results and server responses (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory:
ldapsearch(shell) andldap3(python) for network operations. 4. Sanitization: No sanitization is performed on external LDAP data before it is processed by the agent.
Recommendations
- AI detected serious security threats
Audit Metadata