skills/mukul975/anthropic-cybersecurity-skills/exploiting-active-directory-with-bloodhound/Gen Agent Trust Hub
exploiting-active-directory-with-bloodhound
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The `scripts/agent.py` script executes external binaries `SharpHound.exe` and `bloodhound-python` using `subprocess.check_output`. These tools are standard for Active Directory enumeration in security testing contexts.
- [CREDENTIALS_UNSAFE]: The `scripts/agent.py` file contains hardcoded default credentials (`neo4j:bloodhound`) for connecting to a local Neo4j database. While these are documented defaults for the BloodHound tool, they represent a best-practice violation.
- [DATA_EXFILTRATION]: The workflow outlined in `SKILL.md` explicitly directs the user to exfiltrate collected ZIP data files containing Active Directory information. This is an intended function for the skill's use case in offensive security assessments.
- [EXTERNAL_DOWNLOADS]: The `references/workflows.md` file contains instructions to download a Docker configuration from a known vendor's short-link service (`ghst.ly`), which points to official resources for BloodHound Community Edition.