active-directory-attacks

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt’s examples and workflow repeatedly embed plaintext credentials, hashes, and passwords directly into commands (e.g., user:password, -p 'password', domain/admin:pass@host, NTHASH), which would force an LLM to accept and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is explicit, maliciously intented offensive guidance (high-risk) providing step‑by‑step techniques to steal credentials (Mimikatz, DCSync, Kerberoast, AS‑REP), perform remote code execution and lateral movement (psexec, wmiexec, exploits like ZeroLogon/PrintNightmare), create persistent backdoors and forged tokens/tickets (Golden/Silver tickets, RBCD, GPO/SCCM/WSUS deployment, shadow credentials, ADFS Golden SAML), and abuse certificate/relay attacks for privilege escalation and potential data exfiltration — i.e., clear, actionable instructions for compromising Active Directory environments.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs privileged, state-changing actions (e.g., "sudo date -s" to change system time) and guides using tools and exploits that alter system/domain state and require elevated/sudo privileges, so it pushes the agent to modify the host/target state.