The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The script scripts/agent.py includes a hardcoded default password (bloodhound) for the Neo4j database connection used to store and query Active Directory data.
[COMMAND_EXECUTION]: The file scripts/agent.py invokes external security collectors (SharpHound.exe and bloodhound-python) via subprocess.check_output. While these are legitimate tools for the skill's stated purpose, the execution of external binaries poses a risk in automated environments.
[EXTERNAL_DOWNLOADS]: The references/workflows.md file contains a command to download a configuration file from an external URL (https://ghst.ly/getbhce), which is an unverified source for security-sensitive materials.
[DATA_EXFILTRATION]: The core functionality of the skill involves the collection and extraction of sensitive Active Directory relationship data, including group memberships, user properties, and session information. This behavior is the primary objective of the skill and represents a significant data handling risk.
[PROMPT_INJECTION]: The skill ingests untrusted Active Directory data from JSON and ZIP files (in scripts/agent.py and scripts/process.py) to generate reports and findings. The lack of data sanitization or boundary markers represents a surface for indirect prompt injection, where malicious AD objects could influence the agent's summary and output.

exploiting-active-directory-with-bloodhound