deploying-active-directory-honeytokens

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs creating privileged Active Directory accounts, adding SPNs, and modifying GPO/SYSVOL (actions requiring Domain Admin/sudo-equivalent privileges) which modify the system/domain state and thus can compromise the machine.