exploiting-zerologon-vulnerability-cve-2020-1472

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
Primary Finding: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.check_output() to execute multiple system tools including nmap, zerologon_tester.py, wmic, and powershell. These calls rely on external binaries being present in the system path and execute with the permissions of the user running the agent.
  • [COMMAND_EXECUTION]: The SKILL.md file provides ready-to-use shell commands for high-risk offensive actions, including resetting the Domain Controller machine account password (cve_2020_1472.py), performing DCSync attacks to dump all domain hashes (secretsdump.py), and obtaining remote shells (psexec.py, wmiexec.py).
  • [METADATA_POISONING]: There is a discrepancy in the author metadata. The SKILL.md frontmatter identifies the author as 'mahipal', whereas the LICENSE file attributes copyright to 'mukul975'. This inconsistency can be a sign of deceptive intent or improper attribution.
  • [COMMAND_EXECUTION]: In scripts/agent.py, the check_patch_status function interpolates the user-provided dc_ip directly into a command list for wmic. While shell=True is not used, the lack of input validation for the IP address parameter represents a poor security practice when interfacing with system-level utilities.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect injection as it ingests untrusted network-related data (IP addresses and hostnames) and uses them to drive subprocess executions without boundary markers or explicit sanitization logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 08:31 AM