exploiting-zerologon-vulnerability-cve-2020-1472

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py executes various system commands using subprocess.check_output, including nmap, wmic, and powershell. These are used to perform network scanning and retrieve sensitive system configuration details such as patch levels and registry settings.
  • [COMMAND_EXECUTION]: The skill attempts to execute zerologon_tester.py, an external utility that sends a high volume of unauthenticated NetrServerAuthenticate3 attempts against a domain controller (on average about 256, since each attempt succeeds with probability 1/256) to exploit CVE-2020-1472 (Zerologon): the Netlogon protocol computes credentials with AES-CFB8 under a fixed all-zero IV, so an all-zero client credential is accepted whenever the first keystream byte happens to be zero.
  • [REMOTE_CODE_EXECUTION]: Documentation in SKILL.md provides explicit instructions and command-line examples for achieving remote code execution on compromised domain controllers using Impacket's psexec.py and wmiexec.py via Pass-the-Hash techniques.
  • [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection vulnerability surface (Category 8). It ingests untrusted data from network command outputs (nmap, wmic) and simulated Windows Event Logs in scripts/process.py without sanitization or boundary markers. This data is incorporated into reports which may influence subsequent agent actions or be interpreted as instructions.
  • Ingestion points: Command output in scripts/agent.py (lines 18, 33, 49) and JSON log parsing in scripts/process.py (line 147).
  • Boundary markers: None present; external content is directly interpolated into strings and logs.
  • Capability inventory: Subprocess command execution (scripts/agent.py), file writing (scripts/agent.py), and network socket operations (scripts/process.py).
  • Sanitization: No sanitization or validation of the external tool output is performed before processing or reporting.
  • [DATA_EXFILTRATION]: While the skill does not itself send data to a remote server, it provides instructions for running secretsdump.py to extract every domain account's password hash via DCSync (directory replication), a critical exposure of the entire Active Directory environment.
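The finding on zerologon_tester.py above rests on one cryptographic fact, which the following added example makes concrete. This is illustrative code written for this audit page, not the skill's code and not zerologon_tester.py: it implements AES-128 in pure Python (so it runs without dependencies), the MS-NRPC ComputeNetlogonCredential construction (AES-128-CFB8 over the 8-byte challenge with an all-zero IV), and a simulated attacker loop against a simulated domain controller. The session-key derivation is a stand-in assumption (HMAC-SHA256 keyed with a constructed account secret; real Netlogon keys the HMAC with the MD4 hash of the machine password), which does not matter for the point being shown: with a zero IV and a zero challenge, every credential byte is zero exactly when the first byte of AES_K(0^16) is zero, so roughly one in 256 fresh session keys accepts an all-zero credential.

```python
import hmac
import hashlib
import random

# ---- minimal AES-128 (FIPS-197), pure Python so the example needs no packages ----
def _xtime(a):
    """Multiply by x (i.e. by 2) in GF(2^8) with the AES polynomial 0x11b."""
    a <<= 1
    return (a ^ 0x11b) if a & 0x100 else a

def _gmul(a, b):
    """General GF(2^8) multiplication."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r

def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xff

def _build_sbox():
    sbox = [0x63]                       # S(0) = affine(0) = 0x63
    for a in range(1, 256):
        inv = 1
        for _ in range(254):            # a^254 = a^-1 in GF(2^8)
            inv = _gmul(inv, a)
        sbox.append(inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2) ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63)
    return sbox

SBOX = _build_sbox()
MUL2 = [_xtime(a) for a in range(256)]
MUL3 = [_xtime(a) ^ a for a in range(256)]

def _expand_key(key):
    """AES-128 key schedule: 11 round keys of 16 bytes."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]    # RotWord, then SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [bytes(sum(w[4 * r:4 * r + 4], [])) for r in range(11)]

def _encrypt_block(round_keys, block):
    s = [b ^ k for b, k in zip(block, round_keys[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                             # SubBytes
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows (column-major state)
        if rnd != 10:                                                        # MixColumns
            m = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                m += [MUL2[a0] ^ MUL3[a1] ^ a2 ^ a3,
                      a0 ^ MUL2[a1] ^ MUL3[a2] ^ a3,
                      a0 ^ a1 ^ MUL2[a2] ^ MUL3[a3],
                      MUL3[a0] ^ a1 ^ a2 ^ MUL2[a3]]
            s = m
        s = [b ^ k for b, k in zip(s, round_keys[rnd])]
    return bytes(s)

def aes128_encrypt_block(key, block):
    return _encrypt_block(_expand_key(key), block)

# ---- the Netlogon construction and the Zerologon condition ----
ZERO8 = bytes(8)

def compute_netlogon_credential(session_key, challenge):
    """MS-NRPC ComputeNetlogonCredential (AES variant): AES-128-CFB8 over the
    8-byte challenge with a FIXED all-zero IV. The fixed zero IV is the flaw."""
    rk = _expand_key(session_key)
    shift = bytearray(16)                 # the all-zero IV
    out = bytearray()
    for p in challenge:
        c = _encrypt_block(rk, bytes(shift))[0] ^ p
        out.append(c)
        shift = shift[1:] + bytes([c])    # CFB8: shift the ciphertext byte in
    return bytes(out)

def first_keystream_byte_is_zero(session_key):
    """Zero IV + zero challenge gives an all-zero credential iff this holds."""
    return aes128_encrypt_block(session_key, bytes(16))[0] == 0

def derive_session_key(secret, client_challenge, server_challenge):
    """Stand-in (assumption) for the MS-NRPC AES session key: HMAC-SHA256 keyed with
    the account secret over client||server challenge, truncated to 16 bytes."""
    return hmac.new(secret, client_challenge + server_challenge, hashlib.sha256).digest()[:16]

def dc_accepts_zero_credential(secret, server_challenge):
    """Simulated vulnerable DC in NetrServerAuthenticate3: the client sent an all-zero
    client challenge and an all-zero client credential; the DC recomputes and compares."""
    k = derive_session_key(secret, ZERO8, server_challenge)
    return compute_netlogon_credential(k, ZERO8) == ZERO8

def zerologon_attempts(secret, max_attempts=4096, seed=1):
    """Simulated attacker loop: request fresh server challenges (fresh session keys)
    until the zero credential is accepted. Returns (attempt_number, server_challenge)
    or (None, None). Seeded so a run is reproducible."""
    rng = random.Random(seed)
    for n in range(1, max_attempts + 1):
        server_challenge = bytes(rng.getrandbits(8) for _ in range(8))   # constructed, not a capture
        if dc_accepts_zero_credential(secret, server_challenge):
            return n, server_challenge
    return None, None

if __name__ == "__main__":
    n, sc = zerologon_attempts(b"constructed-machine-account-secret")
    print(f"zero credential accepted on attempt {n} (expected about 256 on average)")
```

The attempt count is geometric with success probability 1/256 per fresh session key, which is why the audit's "approx. 256" is an average rather than a bound; a tester that stops at a fixed 2000 attempts, as the public Zerologon testers do, has only about a 0.04% chance of missing a vulnerable DC.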
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 15, 2026, 10:49 PM