exploiting-kerberoasting-with-impacket

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains numerous example commands and workflows that embed plaintext passwords and NTLM hashes (e.g., "Password123", ":aad3b435b...", "Summer2024!") which the agent would be expected to output verbatim, creating a direct secret-exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill contains explicit, actionable offensive tooling and scripts to enumerate SPNs, request Kerberos TGS tickets, crack them offline, validate and reuse credentials (including Pass-the-Hash, psexec, secretsdump/DCSync), and guidance for targeting high-value accounts—clearly enabling credential theft and domain compromise rather than benign defensive code.