attacking-entra-id-with-roadtools

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script uses subprocess.run to execute the roadrecon and roadtx binaries. This is the primary function of the orchestrator script and does not use a shell, which minimizes command injection risks.
  • [EXTERNAL_DOWNLOADS]: The skill instructions include installing roadrecon and roadtx from the official Python Package Index (PyPI). These are well-known security industry tools.
  • [CREDENTIALS_UNSAFE]: The orchestration script handles sensitive identity materials, such as passwords and JWT tokens. While it accepts these via command-line arguments and reads them from a local file (.roadtools_auth), this behavior is standard for identity assessment tooling and does not include hardcoded secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 03:40 AM
Security Audit — agent-trust-hub — attacking-entra-id-with-roadtools