network-pentest
Fail
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous high-risk commands for sensitive system operations, such as dumping LSASS memory via procdump or comsvcs.dll and manipulating Windows services to gain SYSTEM privileges.
- [DATA_EXFILTRATION]: Explicit instructions and templates are included for exfiltrating sensitive data to external attacker-controlled infrastructure using curl POST requests and SMB shares.
- [REMOTE_CODE_EXECUTION]: The skill facilitates the download and execution of third-party binary exploitation tools such as Mimikatz, Rubeus, and SharpHound from unverified GitHub repositories.
- [EXTERNAL_DOWNLOADS]: Multiple prerequisites involve downloading code and binaries from non-trusted external sources like lgandx/Responder and various individual GitHub accounts.
- [CREDENTIALS_UNSAFE]: Includes commands for extracting high-value credentials including the SAM database, SYSTEM registry hive, and the Active Directory NTDS.dit database.
Recommendations
- AI detected serious security threats
Audit Metadata