performing-active-directory-penetration-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds many explicit credentials (usernames, passwords, service account secrets, and tokens) directly in command examples, which requires the LLM to include secret values verbatim in outputs and therefore poses a high exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is high-risk: it is an explicit, actionable offensive AD playbook and automation (commands and scripts) that enable credential theft (Kerberoast, AS-REP, LSASS dumps, DCSync), privilege escalation (RBCD, ADCS abuse, Golden/Silver tickets), and persistence (Skeleton Key, AdminSDHolder/SIDHistory), i.e., deliberate weaponization for full domain compromise (no hidden backdoor/evasion or external exfiltration observed, but the material is clearly malicious if misused).

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running privileged local commands (e.g., "sudo neo4j start"), credential/LSASS injection tools (mimikatz), and actions that create or modify accounts/services (impacket-addcomputer, ADCS template edits), all of which change the agent host or domain state.