Skills
skills/mukul975/anthropic-cybersecurity-skills/exploiting-active-directory-with-bloodhound/Snyk

exploiting-active-directory-with-bloodhound

Fail

Audited by Snyk on Mar 15, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content is explicitly offensive: it contains step-by-step instructions and automation to collect and exfiltrate Active Directory data, perform credential-theft techniques (Kerberoasting, AS‑REP roasting, LSASS dumps), abuse ACLs and GPOs for remote code execution/persistence, and automate exploitation chains—actions that constitute deliberate malicious behavior if used without authorization.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs transferring and executing offensive collectors (SharpHound/BloodHound.py), exfiltrating data, and planning/executing AD attack chains (ACL/GPO abuse), which actively instructs compromising and modifying target systems' state.

Issues (2)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 15, 2026, 10:49 PM
Issues
2