exploiting-active-directory-with-bloodhound
Fail
Audited by Snyk on Apr 6, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This skill pack explicitly provides step‑by‑step offensive Active Directory exploitation guidance (data collection/exfiltration, credential theft via Kerberoast/AS‑REP and LSASS dumps, lateral movement with PsExec/WMI, GPO/scheduled‑task remote code execution, and ACL abuse) and automation scripts to facilitate those actions, so it is intentionally enabling malicious activity despite an authorization notice.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow files (SKILL.md and references/workflows.md) explicitly instruct fetching and running third‑party resources (e.g., curl -L https://ghst.ly/getbhce, wget https://github.com/BloodHoundAD/BloodHound/releases/latest, git clone https://github.com/PlumHound/PlumHound.git) from public sites and to import/execute that content as part of the analysis, so untrusted external content can be consumed and materially alter tool behavior.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs transferring and executing SharpHound collectors, exfiltrating data, identifying and exploiting privilege escalation paths (e.g., DCSync, ACL abuse) and "execute identified attack chain," which are active offensive actions that run code on and modify the state of target hosts (and could direct the agent to perform those actions on its host).
Issues (3)
E006
CRITICAL: Malicious code pattern detected in skill scripts.
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W013
MEDIUM: Attempt to modify system services in skill instructions.
Audit Metadata