active-directory-attacks
Fail
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: HIGHDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill provides commands to extract highly sensitive credentials and password hashes from Domain Controllers and system memory using tools like secretsdump.py and Mimikatz.
- [EXTERNAL_DOWNLOADS]: The instructions require downloading and executing numerous external offensive security toolsets, including the Impacket suite, BloodHound collectors, Rubeus, and CrackMapExec.
- [COMMAND_EXECUTION]: The workflow involves executing system-level commands for lateral movement and administrative impersonation, such as Pass-the-Hash and Pass-the-Ticket attacks.
- [COMMAND_EXECUTION]: The skill uses privilege escalation via sudo to synchronize system clocks for Kerberos attacks and runs various scripts to automate domain enumeration.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by instructing the agent to ingest unsanitized data from Active Directory user and group properties. Ingestion points: Active Directory reconnaissance data from BloodHound and PowerView (SKILL.md). Boundary markers: Absent. Capability inventory: Execution of various shell commands and Python/PowerShell scripts (SKILL.md). Sanitization: Absent.
Recommendations
- AI detected serious security threats
Audit Metadata