conducting-internal-reconnaissance-with-bloodhound-ce
Audited by Socket on Mar 16, 2026
2 alerts found:
Security (x2) SUSPICIOUS: The skill's offensive AD reconnaissance purpose matches its capabilities, but it remains high risk because it equips an AI agent for red-team internal recon and uses an obscured short-link installer for the main deployment path. The data collection and exfiltration steps are consistent with the stated purpose, yet the install trust issue and offensive use case make this unsuitable to treat as benign.
The document is a detailed, actionable reconnaissance playbook for Active Directory enumeration using BloodHound CE and common collectors. It contains explicit instructions to collect, centralize, and exfiltrate sensitive AD data, and it prescribes low-noise/evasion techniques and OPSEC—making it high risk if used without authorization. It is dual-use: valid for authorized red-team or purple-team exercises but dangerous for unauthorized intrusions. No embedded malicious code was found, but the procedural guidance significantly lowers the barrier to offensive activity; treat as sensitive operational material and restrict to authorized environments.