The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The deployment instructions in SKILL.md (Phase 1) command the user to fetch a docker-compose.yml file from a URL shortener (https://ghst.ly/getbhce). The use of redirection services masks the true destination and origin of the configuration file, preventing manual or automated source verification.
[REMOTE_CODE_EXECUTION]: Immediately after the download, the skill instructs the user to run docker compose up -d. This pattern executes the contents of the unverified YAML file, which could be configured to deploy malicious images, mount sensitive host directories to containers, or grant containers excessive privileges to compromise the host system.
[COMMAND_EXECUTION]: The file scripts/agent.py uses the subprocess.run function to execute the bloodhound-python command-line tool. Although it passes arguments as a list, it facilitates the execution of external binaries using credentials and domain information provided by the user via command-line arguments.

conducting-internal-reconnaissance-with-bloodhound-ce