performing-kerberoasting-attack
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The scripts `scripts/agent.py` and `scripts/process.py` use `subprocess.run` to execute external security and system tools like `ldapsearch`, `wevtutil`, and the `impacket` library. This functionality is core to the skill's purpose but involves running commands based on user-provided parameters.
- [CREDENTIALS_UNSAFE]: The `scripts/process.py` script accepts domain credentials, including plaintext passwords and NTLM hashes, via command-line arguments. This can lead to sensitive information being exposed in process listings or shell history files.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion and analysis of external data.
  - Ingestion points: The functions `enumerate_spn_accounts` and `detect_kerberoasting` in `scripts/agent.py` and `scripts/process.py` read data from Active Directory (LDAP) and Windows Security Event logs (`.evtx` files).
  - Boundary markers: There are no boundary markers or instructions to ignore instructions embedded within the ingested data.
  - Capability inventory: The skill has the capability to execute shell commands, perform network operations (LDAP), and write files (reports), which could be leveraged if malicious instructions were successfully injected into the processed logs or directory attributes.
  - Sanitization: The skill lacks sanitization for the data retrieved from external sources before it is processed or incorporated into generated reports.
Audit Metadata