auditing-entra-id-with-aadinternals

Fail

Audited by Snyk on Jun 23, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). These are mostly legitimate Microsoft endpoints, documentation, and GitHub/project pages for AADInternals and related tooling (dual‑use offensive PowerShell/Python code) — not typical obfuscated/malicious download-hosting sites, but they do host scripts/modules that can be used to perform high-impact attacks if downloaded and executed without authorization.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This skill package explicitly documents and automates offensive Entra ID techniques—unauthenticated recon and user enumeration, access-token acquisition and caching, exporting AD FS token‑signing certificates, converting domains into federation backdoors, and forging SAML tokens (Golden SAML)—which are deliberate tools for credential theft, data/token exfiltration, persistent impersonation and remote access if used outside authorized testing.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Outsider free text is fetched from public Microsoft endpoints at runtime (e.g., getuserrealm.srf and /.well-known/openid-configuration), then parsed/printed as readable JSON/prose and thus fed into the agent context via the script’s output.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 23, 2026, 03:40 AM
Issues
3
Security Audit — snyk — auditing-entra-id-with-aadinternals