Skills
skills/yaklang/hack-skills/active-directory-certificate-services/Snyk

active-directory-certificate-services

Fail

Audited by Snyk on Apr 9, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill includes numerous examples that embed plaintext passwords, API-like secrets, and pfx passwords directly in commands (e.g., -p password, --CaCertPassword "pass") which instructs the agent to handle and output secret values verbatim, creating exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The SKILL is an explicit, high-risk attack playbook describing step-by-step abuse of Active Directory Certificate Services (NTLM relay to enrollment endpoints, ESC1–ESC13 exploitation, template/CA ACL abuse, CA officer workflows, CA key extraction and forged certificates) that facilitates credential theft, privilege escalation to Domain Admin, persistent backdoors via forged certificates, and full domain compromise.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Apr 9, 2026, 01:12 PM
Issues
2