skills/sebas-aikon-intelligence/antigravity-awesome-skills/Active Directory Attacks/Gen Agent Trust Hub
Active Directory Attacks
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill utilizes offensive tools like Mimikatz, Impacket, and BloodHound to perform sensitive domain operations, including DCSync attacks and credential dumping.
- [EXTERNAL_DOWNLOADS] (MEDIUM): It references several third-party binaries (e.g., SharpHound.exe, Rubeus.exe) and Python scripts that are not sourced from trusted organizations like those in the provided whitelist.
- [DATA_EXFILTRATION] (MEDIUM): The workflow is designed to extract sensitive cryptographic material, such as NTLM hashes and Kerberos tickets, from the target environment.
- [REMOTE_CODE_EXECUTION] (MEDIUM): Exploitation instructions for CVE-2021-1675 involve executing code from an external SMB share.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes data from Active Directory enumeration (LDAP/BloodHound), which could be manipulated by an adversary.
  - Ingestion points: LDAP/BloodHound results in SKILL.md.
  - Boundary markers: Absent.
  - Capability inventory: Subprocess calls to python, powershell, and bash in SKILL.md and references/advanced-attacks.md.
  - Sanitization: Absent.